Compliance
GDPR
As of May 25, 2018, the GDPR is a paradigm shift to improve personal data protection. GDPR compliance is mandatory for all companies doing business within the EU boundaries, regardless of location. Moving quickly to implement a comprehensive GDPR compliance strategy across your enterprise and maintaining accurate data protection records is critical to you and important to your customers.
GDPR requires ongoing documentation of your data, data processes, and organisational and technical measures to control data usage, including: definition and categorization of data, data lineage, and managing authorizations, access, rights and usage. In addition to comprehensive data control measures from data creation to consumption, across all business processes with real-time visibility into all aspects of your data, we also provide support from process, governance, technology, people and records perspectives.
However, ITSec is not Privacy: the GDPR also requires Transparency, Accountability, Lawfulness, Purpose & Storage Limitation, Accuracy and Confidentiality, all of which require non-IT processes and controls. Privacy and IT Security complement and reinforce each other, but both are required for compliance. ITSec by itself represents only about 15-20% of the requirements; the rest are other technical and organisational measures involving sales, HR, operations, marketing, analytics, vendors (processors), communications and many other corporate functions.
With data moving to the cloud and even into the open via partner exchange networks, the protection must be extended to the data level and beyond into vendor, partner and customer ecosystems.
Although fines are often headline news, the loss of competitive positioning and increased reputational damage will occur years into the future, making many fines seem inconsequential. Shareholder and stakeholder relations must be carefully managed, and having a strong defensible position certainly helps with reputation protection.
Our certified DPOs help you to manage the required processes to efficiently implement compliance by driving adoption throughout your organization. Our consultants have strong organisational and technical skills and many years of experience, and have worked in the EU and the USA with many multi-national clients.