Data protection (GDPR) services

Data protection compliance has never been as important as it is today. The EU General Data Protection Regulation (EU GDPR), set to take effect on 25th May 2018, will place significant legal responsibilities on organizations that collect, store or process data. 

For the first time, monetary sanctions of up to 4% of global annual turnover will apply to breaches of the regulation. It also includes additional measures to protect the personal data of EU citizens.

We understand the value of data to your business and the serious implications of a data breach. Our team of consultants work with businesses to provide insights and solutions on a range of data protection issues and can help you:

  • Apply best practice in achieving and maintaining compliance with EU data protection requirements across differing regulatory environments
  • Plan and implement measures in preparation for the proposed new EU regulation

Contact us about your data protection requirements

Data protection implementation support

We'll work with your organization to develop a comprehensive understanding of the scope of your environment. This will include all flows of personal data and potential exposure to breaches or censure under the current regulation.

Once the scope has been defined and formally agreed, we establish the policies, procedures and lines of accountability necessary to meet regulatory demands.

Data Protection Officer (DPO) services (onsite and/or virtual)

The EU Data Protection reform states that certain organizations will be required to appoint a dedicated Data Protection Officer

Appointment of a suitably qualified individual will be a challenge for most organizations. The existing pool of experienced data protection professionals is small. Even those currently employed in the area may not have the required or appropriate certifications to meet the regulatory expectations. 

BSI’s outsourced Data Protection Officer services enable organizations to implement a successful Data Protection programme so the business can continue to focus on its core activities. In addition to maintaining compliance, these services also deliver security, productivity, risk management and cost-efficiency benefits.

Data protection / privacy impact assessments

A significant reform proposed in the upcoming EU regulation is the principle of Privacy by Design. This principle recognizes the fundamental importance of integrating data protection and privacy considerations into an organization’s operations.

Privacy Impact Assessments (PIAs) are an integral part of the Privacy by Design approach. Our consultants take a practical approach to completion of PIAs. We help you by:

  • Conducting PIAs on your behalf
  • Developing PIA methodologies and frameworks you can easily integrate into your existing operations and use on an ongoing basis

Data protection audit support (internal and/or external)

Our consultants can help you prepare for an audit by the Data Protection Commissioner. Our consultants provide:

  • Workshops
  • Questionnaire-based audits
  • Onsite inspections
  • Gap analysis

These services result in practical and policy-driven solutions in order to drive organizations to a positive audit outcome.