GDPR, privacy & information security
Privacy has historically been viewed as an impediment to innovation and progress, but that’s so yesterday and so ineffective as a business model. Without user trust, technologies can’t move forward.
– Ann Cavoukian
What can we help you with?
- Assessing risks, vulnerabilities and creating practical action plan
- Adjusting your data protection system to legal and information security requirements
- Implementing general policies and tailored standard operating procedures
- Training and raising awareness of your staff members
- Maintaining and improving your data protection system
- Solving issues, problems, consultation, research etc.
Assessing risks, vulnerabilities and creating practical action plan
Having seen many wasted efforts and much more money on inefficient solutions, we adopt a holistic approach and understand relations between various data protection aspects, such as data protection principles, data subject rights, ensuring security and managing incidents. A comprehensive audit, data protection impact assessment and risk analysis is where we start building a data protection system for years.
Adjusting your data protection system to legal and information security requirements
Creating action plan by repeating legal requirements is trivial. We make a difference by focusing on real progress your organization can make. We work on solutions that increase compliance and your security level, while looking for affordable options. GC helps you adjust both to legal and security standards.
Implementing general policies and tailored standard operating procedures
Authorities require that policies and procedures fit the organization and are actually applied. That is why we prepare them after compliance solutions have been adopted, to make them applicable for all of your organization. Next to general policies and assigning roles and responsibilities on all data protection aspects, we prepare standard operating procedures, so your staff members know exactly what to do.
Training and raising awareness of your staff members
Preparing procedures is just one of the steps – you need to formally adopt them and train your employees. Not only on requirements, but also on threats and ways to avoid them. Staff training raises awareness in itself, but achieving good data protection level requires regular interactions and motivating your staff. We help you build a privacy-friendly organization.
Maintaining and improving your data protection system
Setting up a data protection system is like buying a car. The longer it works, the more maintenance it requires. Sometimes, it crashes because of its driver, and sometimes because of external threats. We help you prepare, mitigate and react to any accidents that happen on your way.
Solving issues, problems, consultation, research etc.
Sometimes, you just need some ad hoc help with an incident, troublesome client request, making sure particular processing operations are compliant, or negotiating with important contractor who needs GDPR compliance guarantees from you. Let us know and we will do our best to help you.