Arrange a Consultation

Project Management

We can manage the GDPR project implementation for your organisation working alongside your business teams and if required, bring in our expert technical and legal partners to ensure the successful delivery of the project. The key stages are as follows:

Be Informed:

  • Fact finding to determine scope, extent of personally identifiable information (PII) held
  • Security environment, data handling policies, procedures and practices review
  • Governance framework and compliance to existing data protection law review
  • GDPR readiness review in your business today
  • GDPR knowledge review of staff and management in your business

Be Aware:

  • Data Controller, Data Processor identification, what responsibilities within your business
  • Third Party involvement in handling personally identifiable information identified
  • Private Information Register review/creation and risk rating considerations
  • Cyber Security awareness review and risk considerations within your business
  • Technology and system development strategy review within your business

Be In The Detail:

  • Data mapping to establish type, location, nature of all personally identifiable information
  • GDPR principles applied to personally identifiable data held to gauge level of compliance
  • Person’s rights applied to test capabilities of database systems (manual/digital) to action
  • GDPR principles of ‘Privacy By Design’, ‘Privacy by Default’ approach to review/test
  • Cyber Security review of systems, software effectiveness, identify current vulnerabilities
  • Company policies, procedures, notices review (privacy, cookie, security, data handling)
  • Data Portability activities within the organisation, impact of GDPR compliance
  • Subject Access Requests, Data Breaches, Breach Notifications procedures review
  • Supervisory Authority information requests procedures review
  • Future Governance Framework design/redesign going forwards

Be Careful: "Mind the Gap"

  • Interim and final GAP analysis against GDPR regulations identified
  • Remedial Action Plan creation to address the gaps in GDPR compliance
  • Support implementation of remedial actions to close the gaps identified in policies, processes and systems