Step 2 of 12 steps to GDPR compliance in 12 posts


This is Step 2 in our series of emails to help you get ready for GDPR. Missed Step 1? You can view it here: STEP 1

It’s really important that you are ready. Over the next few weeks, we will be giving you 12 practical steps that you must take to be ready for 25 May.


A key component of GDPR is documentation and reporting, the starting point is to understand what information you hold.

  • You should document what personal data you hold, where it came from and who you share it with.
  • You may need to organise an information audit across the organisation or within particular business areas.
  • The GDPR requires you to maintain records of your processing activities.
  • If you have inaccuracies, you must correct them on your records and on those that you may have shared – you won’t be able to do this unless you know what personal data you hold, where it came from and who you share it with.
  • You should document this. Doing this will also help you to comply with the GDPR’s accountability principle, which requires organisations to be able to show how they comply with the data protection principles, for example by having effective policies and procedures in place.

We are here to help

Qubic can work alongside you to help you meet the conditions laid out by the Information Commissioner’s Office for compliance with the new legislation. We have a team with expert knowledge, experience and technology to help your organisation be ready for GDPR on 25 May – but that’s not very far away now.

You can’t afford to wait any longer – contact Qubic today on 020 8601 7000  and we can help you work towards compliance. Even the longest journey starts with the first step…