GDPR Advisory and Assurance
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation of EU law on data protection and privacy for all persons in the European Union. It also deals with the export of personal data outside the EU. The purpose of the GDPR is primarily to enable citizens and residents to control their personal data and to simplify the regulatory environment for international companies by standardizing the regulation within the EU.
The GDPR will change how personal information is collected, shared and used worldwide and has been described by experts as ambitious, complex and rigorous. All organizations will need to make changes to policies, processes, contracts, and technical and organizational compliance measures. In some cases, these changes can be complex and significant. Beyond EU companies, the GDPR extends to companies outside the EU that offer goods or services to EU data subjects ("an identified or identifiable person to whom" personal data "refers"), even if they are free of charge, or that monitor the behavior of data subjects within the EU.
Our team of subject matter experts in the field of data protection can provide your organization with a range of best practice solutions, from assessing your GDPR compliance position, to developing a solution roadmap, to implementing an optimal data compliance framework. Whether you are an SME or a multinational company, we can customize our GDPR services to your specific needs.
In-house GDPR Training and Awareness: Deliver awareness sessions specifically customized to your organisation’s requirements.
Cyber Incident Response Management: Assist in defining and implementing an effective incident response approach.
GDPR Compliance Frameworks
Organizations that do not yet have a privacy compliance framework can use a standardized framework to demonstrate compliance with the GDPR. There are currently two recognized standards or frameworks that could be used: BS 10012:2017 and ISO/IEC 27001:2013.
GDPR Assessment Services: The GDPR assessment service includes program scoping, deep-dive assessments, and data protection impact assessments (DPIAs).