On 25th May 2018, The General Data Protection
Regulation (GDPR) is due to be enforced. GDPR will
apply to all Companies worldwide that collect, process
and store Personal Identifiable Information (PII) of EU
GDPR will supersede the previous Data Protection
laws and include new and more detailed protection
legislations for Personal Identifiable Information (PII).
Non compliance with GDPR can result in a fine from
the ICO, the UK’s indepenent body setup to uphold
information rights. There are two levels of fines you
could face. The first is a fine up to €10 million or 2%
of the Company’s global annual turnover, whichever is
highest. The second is a fine up to €20 million or 4% of
the Company’s global annual turnover of the previous
year, whichever is higher. The fines have been made
substantial to ensure Company’s comply with the
► Data is processed lawfully, fairly and in a transparent manner.
► Data is collected for specified, explicit and legitimate purposes.
► The purpose for data must be adequate and relevant
► Data should not be stored for no longer than necessary.
► PII is protected, ensuring it is secure.
We provide two Professional Service Packs to get you prepared for GDPR.
This service will help you understand what PII data you hold, where it is stored and who you share it with.
We will evaluate your technical controls to identify areas at risk of a data breach.
► Conduct a digital information audit
► Gain visibility of personal data stores, both internal and externally hosted systems
► Identify network and system vulnerabilities.
► Pass/Fail report with recommendations.
GDPR Readiness Review
Our GDPR Readiness service will help you evaluate where your processes and systems stand across all areas in relation to the new GDPR guidelines. We will also provide awareness training to your staff.
► Identify vulnerabilities
► Improve data life cycle management
► Gain visibility of your data flows
► Gain a better insight for strategies to protect personal data
► Reduce privacy-related risks and associated data breaches
► Improve efficiencies related to processes, systems and controls
► Identify areas for contractual updates with third-party providers.