Privacy

Your challenges

• Is the understanding of the GDPR sufficient to draft policies and procedures, covering all necessary areas?
• Were you able to identify all personal data processing activities?
• Do you have experienced resources available to implement your remediation plan?
• How do you ensure a correct "roll-out" and "buy-in" of the implemented measures within the organisation?
• How do ensure proper change management in your organisation?

What does it include?

• Application of best practices and adapting them fully to your organisation;
• Drafting of GDPR-related procedures and policies;
• Assistance with change management.

Key benefits

• Timely implementation by a team of experts in the field;
• On-the-go training and continuous involvement of your stakeholders;
• Enjoying flexibility and a tailored approach, aligned with your organisation's business objectives.

Key deliverables

• GDPR-related policies and procedures;
• Inventory of personal data processing (art.30);
• Control framework for IT security;
• GDPR monitoring tools.

Your challenges

• Have you correctly identified all personal data processing activities requiring a DPIA?
• Do you have a proper methodology to conduct DPIAs?
• Did you consider all mandatory steps of a DPIA?
• Are you sure to have correctly assessed the corresponding risks?
• Have you discussed with the appropriated persons, when conducting the DPIA?

What does it include?

• An evaluation of processing activities requiring a DPIA;
• Identification of the relevant risks;
• Assessment of the risks, security measures in place and evaluating the remaining risks.

Key benefits

• Timely performance of tasks by a team of experts in the field;
• Involvement of and consulting the DPO at each step of the DPIA process;
• Involvement of the personal data processing owners;
• "Outsider" view of the organisation and risk assessment approach.

Key deliverables

• Tailored DPIA methodology;
• List of processing activities, where a DPIA is required;
• Completed DPIAs, including risk assessments, evaluations and conclusions.

Your challenges

• Are the staff members aware of the GDPR, and its implications on their day-to-day job?
• Do the staff members know what to do when they receive a compliant as to data privacy?
• Have you been following the best practices in the market place?
• How to efficiently train staff located in various locations, with the same level of interactivity?

What does it include?

• Training sessions, covering all the key elements of the GDPR;
• Real-life examples of GDPR in organisations, similar to yours, including, for example, a data breach assessment or a data subject request;
• Feedback on the usual pain points of complying with data privacy.

Key benefits

• Training sessions tailored to your business and organizational needs;
• Delivered by experts in the field, having a long track record of successfully delivering GDPR training sessions;
• Trainers who engage the participants, making the sessions interactive, leaving a long lasting impact.

Key deliverables

• Introduction to advanced training session, from new joiners and entry-level staff to C-level and board members;
• Support material in English or French, highlighting the key elements of the regulation.

Your challenges

• You have drafted GDPR-related policies and procedures, but do they cover all the necessary topics?
• Are your data privacy policies and procedures properly enforced by all members of staff?
• Will members of staff be able to tackle real-life situations, in accordance with your policies and procedures?
• How well do you respect the 72-hour timeframe to report high risk breaches to the CNPD?

What does it include?

• Fully tailored simulation of "real-life" situations within your organisation, incl. data subject request and data breach;
• Review and recommendations as per your internal GDPR documents (i.e. policies and procedures);
• Potential improvements to your policies and procedures.

Key benefits

• An "outsider" assessment of the enforcement of your data privacy framework;
• Simulation of real-life cases prepared and assessed by a team of GDPR experts, designed to your activities;
• A precise view of how your entity would withstand the test of a real data privacy event, data subject request or data breach.

Key deliverables

• Thorough assessment of the operational readiness and application of your policies and procedures;
• Detailed comments and recommendations on your GDPR-related documentation.