Just when you thought your GDPR compliance journey was on track, your compliance manager hands in notice and you have one month to find a replacement. The options are: a) panic or b) rest assured that the transition to a new manager will be smooth. But what would be the best route to ensuring no work history or data files are lost in the process of your compliance manager leaving the scene? How can you guarantee that what you’ve accomplished to date remains in tact?
The answer to a straightforward onward journey is GDPR software. Why? Because it keeps all your compliance efforts in one place and every step along your compliance journey is recorded.
With dedicated compliance software a change in management becomes a case of giving your new manager access to the software and allowing him or her the time to go through your company’s log of compliance tasks.
How exactly does compliance software make it easy?
Proof in one place
Compliance software records an audit of your compliance journey, so a new manager will be able to view the status of all your compliance efforts and therefore know exactly what has been done and what still needs to be done to become or remain compliant.
Your data processing activities are recorded within the software so a new manager can check how personal data flows through your company and where your potential data protection risks lie. With this information he or she will be able to understand and manage the data protection tasks going forward.
The status of each employee’s training status is easily viewed online so there can be no confusion about the training employees have completed or what they still need to do.
All security incidents are logged on the software, and it’s easy for anyone with access to the log to find out what happened, when a response was sent, and if or when the breach was reported to the authorities.
Compliance software logs all SARs on your system along with the processing status of each one. Your new manager will therefore be able to see whether data subjects have asked to have their personal information changed or erased altogether and if this has been actioned yet.
Your privacy statements are logged and even generated (if you want them to be) by compliance software, so your new manager will be able to view all governance and make changes to the documents before publishing them again.
Personally I can’t imagine how a new compliance manager would cope without the comprehensive web of information held by compliance software. Taking over with compliance software in place would mean that knowledge transfer would happen automatically, ie all personal data and systems would be on the table or rather, in the cloud, right from the start.