Maureen's Blog For Ask Askew

 My blogs aim to provide childcare business owners and managers with relevant business and childcare related information.

I am a Business Consultant specialising in the childcare sector. I am an active member of the Chartered Management Institute, Institute of Consulting, Federation of Small Businesses and the Chamber of Commerce.

I have been a Chartered Manager since 2007 I am also a 4Children Business Champion. I write feature articles for 2 childcare/family magazines, on issues that are of interest to families and childcare providers. I have been involved in childcare for over 35 years.

A life time ago starting with my NNEB training, I have been a registered Childminder, owned and managed pre-schools and full day care, worked as a paid employee and volunteer for the Pre-school Learning Alliance, delivered qualification and short childcare courses in FE colleges across Lancashire and North Yorkshire and worked as part of the early year’s teams at Blackburn with Darwen and Bolton LA for over 15 years.

 

Get our blog posts straight to your inbox by entering your email below:

Compliance

Use our handy checklist to help you assess where your business is now in terms of GDPR compliance (Tick when completed)

  1. You have conducted an audit on what personal data you hold, where the data came from and who it is shared with.
  2. You have identified the lawful bases for processing data and have documented it.
  3. You have reviewed how you ask for and record consent for processing data.
  4. You have a system to record and manage on-going consent.
  5. Your business is currently registered with the Information Commissioner’s Office.
  6. Your business has a privacy notice.
  7. You have a process for handling Subject Access Requests.
  8. You have a procedure to respond to an individuals’ request to restrict the processing of their personal data.
  9. You have a process for ensuring the personal data you hold remains accurate and up to date.
  10. You have a process for securely disposing of personal data that is no longer required in line with agreed timescales or where an individual has asked you to erase it.
  11. You have processes to allow individuals to move, copy or transfer their personal data to other organisations.
  12. You have a procedure to handle an individuals’ objection to the processing of their personal data.
  13. You have an appropriate data protection policy.
  14. You provide data protection training for all staff and you make a record of this.
  15. You have a written contract with any third parties you use where data is shared.
  16. You understand when you must conduct a Data Protection Impact Assessment (DPIA) and have a process in place to action this.
  17. You have a nominated data protection officer (DPO) who takes responsibility for all things relating to data protection.
  18. You have an information security policy which is supported by appropriate security measures.
  19. You have an effective process to identify, report, manage and resolve any personal data protection breaches.
  20. You have a process for monitoring your compliance with data protection policies and regularly review the effectiveness of data handling and security controls.

Still unsure about what you need to do...? Farleys' Commercial team can help in getting your business GDPR compliant. Contact us on 01254 229800 or email Sally.Eastwood@farleys.com or Jenny.Goodwin@farleys.com
© The contents of this guide are the copyright of Farleys Solicitors LLP