Since the GDPR came into force in May 2018, there has been great confusion as to what exactly is required for organisations to become compliant. Your organisation may have done some work early in 2018 in preparation for the law but may have done nothing since. Or you may need to start the effort in earnest now. Regardless, we can perform an extensive audit of your organisation and its data processing to identify those areas that must be addressed.
- Gain a solid understanding of exactly what personal data your organisation processes.
- Obtain a clear path forward to compliance with the GDPR
- Save time on costly Data Subject Requests
- Demonstrate your organisation’s efforts to become compliant in the event of a breach or other action taken by the Regulator.
We work with you to identify the scope of the effort. Some of the areas that we focus on include;
- data protection governance, and the structures, policies and procedures to ensure compliance with data protection legislation;
- the processes for managing both electronic and manual records containing personal data;
- the processes for responding to any request for personal data, including requests by individuals for copies of their data as well as those made by third parties, and sharing agreements;
- the technical and organisational measures in place to ensure that there is adequate security over personal data held in manual or electronic form;
- the provision and monitoring of staff data protection training and the awareness of data protection requirements.