Notify stakeholders on changes to data protection policies and practices

Notify stakeholders
Data protection officer should keep stakeholders apprised of the changes to their policies or practices as part of their training and communication plan. An organization’s data protection policies and practices should be accessible. For example:

  • Softcopy stored on organization’s repository (e.g. intranet) for all staff’s reference
  • Hardcopy version filed and kept with each department