Data Protection Internal Compliance Toolkit
PHRP’s Data Protection Internal Compliance Toolkit is designed to provide your organisation with a comprehensive solution to checking your own compliance with data protection law. Addressing ten key areas of data protection (eleven for MATs), this toolkit will support the Data Protection Officer in understanding what the expectations are in each category of internal compliance and what evidence to look. The outcome of this process will support the organisation to formulate an action plan to address areas of risk or improvement.
What
The Audit Tool is supported by a comprehensive guidance document, ensuring the Data Protection Officer is well informed and can substantiate why evidence needs to be reviewed. The toolkit also includes questions to ask employees during an audit to raise awareness of this important topic and support a data protection culture.
Providing information to the Data Controller is critical in supporting accountability for data protection in the organisation. The toolkit includes two report templates; one to report on the findings of the audit and one to report on ongoing data protection activity.
The audit covers these areas:
- Accountability and Governance
- Data Protection Officer Role
- Induction and Training
- Data Mapping and Processing
- Privacy Notices
- Individual Data Rights
- Data Breaches
- Data Management and Retention
- Third Party Contractors
- Cyber Security
- Additional considerations for Multi Academy Trusts
How
The Audit Toolkit contains the following documents:
Data Protection Audit Tool
Data Protection Audit Tool Guidance (over 30 pages of comprehensive support)
Data Protection Audit Discussion Questions
Data Protection Audit Report Template
Data Protection Activity Report Template