The RMI has taken steps to implement measures to ensure compliance – these include:
- Taking specialist legal advice on the application of the GDPR to its operations.
- Implementing or updating relevant internal policies – including its Data Privacy and GDPR Compliance Policy, Record Retention and Destruction Policy, Individual Rights Request Policy, Written Information Security Program, and its Incident Response Plan.
- Updating its privacy notice and developing cookies notices for its websites, to ensure transparency of its data processing activities.
- Updating its standard agreements for use with suppliers who are processors for the RMI.
The RMI will continue to review and integrate these measures into its procedures and ensure compliance with what the law requires.