Agile adoption of the GDPR requirements
We survey your current status and prepare concrete measures for fulfilling the obligations of the regulation. We help you carry out the measures upon agreement.
The data protection survey proceeds as follows:
- Surveying the current status: what are the client’s needs and status of business operations in relation to the obligations laid down in the GDPR.
- If necessary, assessing the current status of 1–2 key information systems in terms of their
- system architecture and
- information flows.
- The outcomes of the survey:
- assessing the level of maturity of the client’s operations in relation to the obligations laid down in the regulation
- a prioritised list of measures
- After the survey, helping the client introduce the measures in practice as feasible steps carried out as project work.
Typical measures include:
- Preparing a data protection policy, instructions and practices
- Preparing processes that aim at detecting and managing data breaches and filing related notifications with the authorities
- Introducing data protection as part of the management of suppliers and procurements (e.g. approaches in selecting suppliers, preparing data protection appendices to supplier contracts)
- Organising training on data protection
- Integrating data protection into service development (e.g. taking data protection by design and by default into account when planning and developing services)
- Eliminating unnecessary personal data and anonymising the data held by the company