The EU General Data Protection Regulation (‘GDPR’) is the most important change in data privacy regulation in 20 years. The Regulation took effect on the 25th of May 2018, replacing the European Data Protection Directive 95/46/EC and providing one set of data protection rules for all companies operating in the EU, wherever they are based.
The GDPR applies to the processing of personal data of EU citizens, meaning it applies not only to EU-based organisations but also to organisations based outside the EU that offer goods or services to EU citizens, and to any organisation that processes the data of EU citizens.
If the GDPR applies to your organisation, it is crucial that you implement the right processes to meet the 6 key principles of data protection. Failure to comply with the GDPR could result in your organisation being fined up to 20 million euros or 4% of your annual global turnover, whichever is higher.
With our experience in implementing GDPR, FAI is able to assist organisations of all sizes to meet the requirements of the regulation and tailor the best approach to suit your needs.
WHAT CAN FAI DO?
- Perform Information Audits and assessments on the company’s current processes
- Develop tailored and practical solutions taking into account your company’s exact needs
- Creation of Information Asset Registers containing vital information for the understanding of the company’s processing of personal data
- Creation of Data Flow Maps
- Creation or updating of policies and procedures related to privacy and IT security
- Review of the company’s legal documentation (client agreements, privacy notices, third party contracts, employment contracts etc.)
- Data Protection Impact Assessments
- Provision of dedicated outsourced Data Protection Officer (DPO) or data protection consultancy support
- Management and employee GDPR awareness/training sessions