General Data Protection Regulation (GDPR)
On 25th May 2018 the General Data Protection Regulation (GDPR) comes into force, creating challenges that require action from every organisation, before, during and after the deadline.
Are you ready?
The GDPR is a new regulation seeking to unify data protection across the EU. It incorporates significant and new requirements for governing data and how it is used, collected, retained and shared. This will apply to all data controllers and data processors in the EU. The new data protection law would apply to the data processed by an organisation situated within the EU. Additionally, the Regulation will have an extraterritorial effect.
Did you know?
An organisation can be fined up to 4% of annual global turnover or €20 Million (whichever is greater) for non compliance.
Perform impact assessment and data discovery
- GDPR readiness assessment
- Data classification and discovery
Perform gap assessment to identify existing privacy capabilities
- Privacy impact assessment for information systems and business processes
- Privacy and information security related policies review
- IT control and security assessment
- Privacy road map
Define governance structure to coordinate, operate and implement remediation activities
- Support in the set up of data governance structure, development of related privacy policies and processes
Implement processes and changes
- Conduct privacy awareness workshops or trainings
- Project Management Office
Establish regular compliance programme to verify adherence to GDPR requirements
- Compliance review of data privacy program
- Third Party Assurance reports (SSAE / ISAE)
- Data Protection Officer Advisory Support
How do you comply?
General Data Protection Regulation (GDPR)
Related content
Follow us
Contact us
