GDPR and the Compliance Journey

The Regulation

The regulation sets out requirements for how organisations should collect, process, store and share personal data. It offers EU citizens greater control over how such information is used.

Understand Key Concepts

The law has 99 Articles and 173 Recitals. The core elements include the broad definition of personal data, extra-territorial scope, expansion of data subject rights, the 7 guiding Principles and lawful bases for processing data.

Planning and Preparation

We recommend starting with key stakeholder buy-in, then conducting an inventory of all personal data, comparing people, processes and technology with the GDPR requirements, and documenting the gap. Then take action to bring data protection policies in line with GDPR, monitor compliance and review procedures.

Challenges

In addition to managing personal data flows, the challenges of the General Data Protection Regulation include the need to ensure consent is informed, unambiguous and recorded. Firms need to be prepared for data portability and subject access requests.

The Upside of GDPR Compliance

The obsession with fines for non-compliance has obscured the benefits of compliance, including greater customer trust, improved business reputation, better client engagement and competitive advantage.

How FileOM Can Help

As privacy management specialists, we have a deep understanding of business processes and can quickly solve regulatory pain points, ensuring you demonstrate compliance with the GDPR’s data processing principles.

GDPR Consulting Packages to Suit All Budgets

Bronze

The Gap Analysis package is a GDPR readiness assessment, including personal data analysis and data mapping linked to your business processes.


Silver

The Full Compliance Package provides end-to-end assistance to meet your GDPR obligations. We design new policies & procedures, review contracts, privacy notices and more.


Gold

For larger organisations, we offer bespoke service delivery, including full project management of a GDPR implementation, outsourced DPO, audit or a standalone DPIA.
