top of page

Is your company ready for GDPR?
The deadline of 25th May 2018 is fast approaching

CASE020

Client Industry: Any company dealing with personal data in Europe // Sector: All

Client

Clients can be any company dealing with personal data relating to individuals in Europe, including companies from outside of EU.

The Challenge

On May 25th 2018, the new GDPR (General Data Protection Regulation) becomes law across the EU, not just for companies operating within those countries, but for all companies which deal with EU countries, regardless of their location across the world.

GDPR builds on the existing Data Protection Directive of 1998, with new key principles which give the individual stronger rights to know how their data is being controlled and to instruct the company controlling their data to delete, modify, or cease to use. Companies will therefore have a much more significant duty of care over individuals’ data, and failures to comply will result in significant penalties. Just some of the possible breaches could be:

  • Failure to adequately protect personal identifiable data, in-situ or when transferred.

  • Failure to notify breaches within 72 Hours to the Supervisory Authority

  • Failure to gain or demonstrate consent to use of personal data.

  • Not providing an individual access to their data within the required timeframe.

  • Failure to delete, rectify, or cease to use data upon an individual’s request. Also, the individual will have rights over the portability of their data to a different controller.

Penalties for non-compliance will be significant, ranging up to €20 Million or 4% of total revenue, whichever is the greater.

The VA Solution

  • VA Business Solutions offers a range of services to deliver a GDPR compliant posture to your business and we can tailor these to suit each client’s unique requirements.

Services Provided

  • Performing a GDPR Compliance Assessment

  • Creating a Data Inventory

  • Refresh existing Data Consents

  • Review and revise company Data Protection / Privacy Policy

  • Develop procedures to detect a Data Breach

  • Create DPIA (Data Protection Impact Assessment)

  • Develop and install DSAR (Data Subject Access Request) process

  • Provide interim DPOs (Data Protection Officers)

  • Perform downstream supplier assessments

The Benefits

  • Satisfactory GDPR regulatory posture

  • Enhanced customer reputation

  • Significantly reduced risk

  • Cost savings through more efficient data subject access request turnaround

  • Elimination of unnecessary data storage

Driving GDPR Compliance

It's what 

we do!

Can't find what you are looking for?
bottom of page