GDPR and compliance consulting

It is worth achieving GDPR compliance first and completing a preventive audit so that we can identify possible shortcomings. Without being aware of these, effectively preparing for GDPR is not possible. 

Briefly about GDPR

• GDPR was created to provide equal legal certainty for EU citizens and guarantee a reliable flow of data between Member States.
• The regulation entered into force on 25 May 2018.
• The penalty for breaching the provisions may be as high as € 20 million, or 4% of annual global sales.
• The fields covered by the rules include, for example, the protection of the fundamental rights of the interested parties, compliance with data management principles and the obligation to report incidents.

What are the GDPR requirements for companies?

• Built-in and default data protection – Companies must be able to demonstrate they have implemented technical and organisational measures to guarantee proper data management.
• Records of data management activities - Companies must categorise the data they manage and collect information on data management.
• Data Protection Officer - A Data Protection Officer must be appointed.
• Data Protection Impact Assessment - In the case of high-risk data management, data protection impact assessment must be performed.
• Incident reporting and recording – Incidents must be reported and the competent authorities informed within 72 hours.

Support package for GDPR preparation

Who is covered by the new European Union General Data Protection Regulation (GDPR)? If a single one of the points listed above applies to your company, the GDPR also applies to you.

Not all companies need comprehensive mapping and risk analysis consulting.

GDPR preparations and the establishment of the relevant rules may be implemented gradually, relying on own resources yet achieving high-level compliance.

The support package for GDPR preparation is a compilation of documents with process descriptions, rules, checklists, an action plan and training contents supporting the preparation.

The package has been developed for companies with the following characteristics:

• due to their size they are aware of their business activities that involve the handling of personal data  
• their budget does not justify complex transparency and consulting projects.

All you have to do is…

follow the detailed instructions and implement each element of the package and rewrite the Excel and Word documents in it to match the characteristics of your company. The package includes only those templates you will actually need. We have used the results of our numerous successful consulting projects to prepare these templates, so the collection may be really helpful in redefining the data management of an organisation with a simplified structure and in creating the companies’ own rules, thus getting prepared for the adaptation of the General Data Protection Regulation.