A short guide for the busy data protection professional who needs to ensure that their organisation operates practices and procedures that meet legal obligations. People who follow the advice in this guide will significantly improve the likelihood that, should their organisation be examined, a data protection regulator will determine that there is a high level of assurance that effective controls are in place.
Reader, beware - this is not a book designed for people who are obsessed with complying with absolutely every aspect of data protection law. They may think that I've set the bar far too low in terms of what needs to be done do demonstrate that organisations take data protection issues sufficiently seriously.
But, reader, please feel free to ignore these critics. If you have, and can also monitor, the controls that I've outlined in this guide, you're well on the way to data protection nirvana.