The regulation is in effect. While it applies only to businesses collecting personal data from someone in the EU, the issue of data privacy continues to surface worldwide and reiterates UDig’s outlook: the GDPR represents a global shift in how we approach data privacy and is a precursor for what’s to come.
If you are still working to comply, we can help.
If you don’t technically need to comply, you should operate as if you do.
Our GDPR Assessments provide a clear path to compliance, but can also provide valuable visibility into the quality of your data and the ways in which your organization can be become data-driven.
Facing the May 25, 2018 GDPR deadline, an organization was uncertain about what data practices and internal policies would compromise their compliance. They needed support in determining their highest areas of risk in order to build an effective go-forward plan for remediation. They lacked the documentation necessary under the GDPR to map key personnel as well as third party data systems and organizations with access to PII. Operating in many different EU countries also presented a challenge to map data practices and risk levels for each individual office.
The UDig team conducted a series of interviews with key stakeholders and Subject Matter Experts to gain a thorough understanding of their current data architecture, business and functional requirements, and existing challenges. These findings informed a Current State Analysis document which assessed data sourcing, accuracy, governance, and retention. Based on this analysis, a Data Process Map illustrated the data workflow around existing internal procedures. The Roadmap deliverable indicated the gaps between current state and future state and featured Heat Maps to illustrate and triage areas of risk tied to specific articles/requirements of the GDPR. Finally, the Summary of our findings provided synthesis and analysis of what we discovered and served as the ‘plain-English’ takeaway to ensure a clear path to compliance with the GDPR.