GDPR Compliance Services
f society is currently working with a number of organizations to create a GDPR compliance roadmap. Equally important, we enable organizations to understand the steps they need to take in order to ensure GDPR compliance.
We can help you prepare for the GDPR.
Our GDPR Services
The project of preparing an organization to comply with the GDPR requirements is divided into the following phases:
Identification, Data Mapping & Data Flow Analysis
As part of an EU General Data Protection Regulation (GDPR) compliance project, organisations will need to map their data and information flows in order to assess their privacy risks and to form part of their Article 30 documentation. f society uses its methodology to effectively map your data, understand the information flow, describe it and finally identify its key elements.
f society GDPR Gap Analysis Services assess the extent of your organisation’s compliance with the GDPR (General Data Protection Regulation) and help identify and prioritise the areas that should be urgently addressed.
Data Privacy Impact Assessment (DPIA)
A Data Protection Impact Assessment (DPIA) is required under the GDPR any time you begin a new project that is likely to involve “a high risk” to other people’s personal information. We can take over the DPIA and include a template to help you execute the assessment by conducting: a systematic description of the envisaged processing operations and the purposes of the processing, including the legitimate interest pursued by the controller; an assessment of the necessity and proportionality of the processing operations in relation to the purposes; and finally an assessment of the risks to the rights and freedoms of data subjects.
Implementation of Action Plans
f society can provide you with a method and answer questions such as: (a) How is an action plan for compliance to be initiated? (b) What are the different stages of implementation? (c) What does the accountability principle stand for in practice? (d) How is a Data Protection Impact Assessment to be conducted?
f society provides contingency planning for the purposes of your information security. Our solutions deliver a coordinated strategy of various plans, procedures, technical measures and initiatives for ensuring the recovery of information systems, operations, and data after a disruption of services. In addition, we provide consultancy on comprehensive contingency planning.
Audits – Controls
f society’s GDPR audit assesses your organisation’s or your company’s processes, systems, records and activities to: safeguard that appropriate and adequate policies and procedures are enforced; detect data breaches or potential cyber violations; assess the adequacy of internal controls; authorise and validate that the principles, policies and procedures are monitored and adhered to; and recommend changes in controls, policies, procedures and IT platforms. The scope of our GDPR audit is agreed in consultation with the stakeholders to identify relevant data protection risks within the organisation. It takes into consideration both generic data protection issues and specific concerns about data protection policies and procedures.
Awareness – Training
f society can help educate you and your workforce in relation to whose data you hold, what data you hold, why you hold the data, how long you should retain the data for and where you are holding/storing the data.
Ongoing Management & Follow-up
GDPR is an ongoing and evolutionary compliance journey for every organisation and company. We assist you by providing Data Protection Officer services as well as high-level support to your Information Officer. We also assist you in maintaining the process and tools to capture consent in a structured way to maximise opt-ins, in adopting the technology to maintain up-to-date records of communication preferences, and finally in setting up the protocols to define, and the people to manage, ‘legitimate interest’.