The Upcoming General Data Protection Regulation (GDPR). Are you Prepared?
Data security breaches and data privacy stories are making customers more aware of their data privacy rights – and more concerned about how companies handle and store their personal data.
At the same time, companies are facing increasing challenges and legal hurdles when using personal data, with complex new legal rules that vary from country to country. Adding to this is the upcoming GDPR, or General Data Protection Regulation, that stipulates fines of up to 4% of global turnover!
Organisations have started to realise that data breaches and thoughtless use of data can threaten client confidence, destroy brand reputation, affect the company share price, lead to significant fines, and even result in senior executives losing their jobs.
Our Data Privacy Officer (DPO) will take the lead on privacy matters, being the focal point or go-to person for management and staff on privacy concerns. While privacy controls are widely distributed throughout the organisation and many employees have explicit privacy obligations, the Data Privacy Officer is ultimately accountable for the adequacy of the organisation’s privacy arrangements as a whole, including your privacy framework and compliance with privacy-related obligations.
Our Virtual DPO will work closely with operations and technology risk management, compliance and legal teams to identify legal and regulatory obligations emanating from any of the key legislative areas. He/she can assist by:
Working with the IT and information security functions to ensure that systems operate in a privacy-compliant way, and that data security is ensured.
Providing Data Privacy Awareness training and support in building a corporate privacy culture.
Finally, our Virtual DPO, or V-DPO, will be responsible for continuous compliance and good practice in the group’s management of data protection issues in the context of continuing legal and regulatory developments.
Our Virtual DPO Service options include:
Privacy Impact Assessments (PIAs).
Data privacy compliance checks.
Review of data protection terms, conditions and agreements.
Data privacy programme development and reviews.
Data privacy regulator registrations and notifications.
Corporate data privacy and cyber security training and awareness.
Privacy by Design (PbD) reviews.