
What is GDPR?
The General Data Protection Regulation (GDPR) was adopted by the EU in April 2016 and replaced the EU Data Protection Directive 95/46/EC.GDPR will be a mandatory legal requirement for all companies operating in the EU from 25th May 2018. There are clear requirements for processing personal data in a fair and consistent manner. The GDPR brings harmonization across the EU regarding data privacy.
Key Considerations:

Need for getting accredited to GDPR Compliance:
Our Service Offerings
- Privacy Impact Assessments: Conduct organisation-wide Privacy Impact Assessments including Process Mappings and Data Discovery
- Data Protection Officer Services: achieve and maintain GDPR compliance, deal with day to day Data Privacy issues, represent organisation while dealing with the third parties and regulators
- Implement Technical and Organisational Measures: Cyber Essentials / Cyber Essentials Plus Certification body and ISO27001 Lead Auditors who shall help organisations to implement and prove the required Technical and Organisational measures
- Supplier Management: Improvements in the supplier contracts to address GDPR requirements. Closely monitor and improve Supplier performance for data processing activities
- Incident Management Services: improve breach handling, reduce organisation impact and comply with GDPR requirements
GDPR consultancy approach
- Engagement: After the pre-assessment scoping call, all relevant documentation is sent to the client with adequate guidance notes
- Assessment: A combination of onsite and offsite assessment is conduct to assess the gaps and to finalise the best approach for the certification. Product gap assessment report and suggested project plan for gap remediation
- Gap remediation support: As per the client need to provide bespoke consultancy and delivery to address the gaps.
- Compliance Health Check: On an ongoing basis ensure compliance is maintained through regular and specific assessments
- Liaise with the Supervisory Authority: Be the Single Point of contact with the supervisory authority (the ICO for the UK) for GDPR related issues