GDPR General Data Protection Regulation

Analyze the GDPR impact on your business: initial inspection, implementation strategy, operation and audit.

General Data Protection Regulation (EU) 2016/679 will start on 25 May 2018. It means that organisations will need to be able to demonstrate that they have analysed the GDPR requirements in relation to their processing of personal data and that they have implemented a system or programme that allows them to achieve compliance.

Benefits

  • Accurate customer data
  • Additional care on sensitive data
  • Minimize security incident
  • Minimize data breaches
  • Save money - The maximum fines for non-compliance could reach 20 million or 4% of the organisation;s worldwide turnover

Services

Initial Assesment

  • Presentation - Intro to GDPR
  • Workshop - Information mapping and data audit
    • Survey
    • Interviews
    • Documents
      • Systems
      • Procedures
      • Personal information data flow
  • Delivered Report
    • As-is Analysis
    • Action Plan

Implementation

  • Gap analysis
  • Information Architecture with focus on Personal Data
  • Technology selection
  • Document Management Systems - go paperless
  • Identity and Access Management - traceability, rights management
  • Data Transformation and Migration - anonymization, legacy systems upgrade

Operation

  • Externalized or contained personal data with paperless and IAM systems
  • Assisting DPO activities: training, compliance, audits
  • Identity and Access Management - traceability, rights management

Audit

  • Audit preparation
  • Data source identification
  • Data source inventory
  • Data source management
  • Audit results
  • Avocat Cristina Radu