GDPR is a complex and far-reaching legislation, comprising many components that touch organisations in differently and at all levels. GDPR needs a strong Information Governance program and technical framework to succeed.
A comprehensive approach is required, taking all of its aspects and your organisations needs into consideration.
The assessment we provide can be a great help whether your company has already considered GDPR or is preparing to start. The assessment begins with determining the main GDPR stakeholders in your organisation per key area of attention. This is done together with the person responsible for data privacy in your organisation (you may even already have a special data privacy officer in place). These stakeholders might be: representatives of the HR department, for communication, training and personnel data; of the marketing department, for protecting your brand and your customer data; and of the IT department, for security issues. Interviews will be planned with all these people.