The General Data Protection Regulation (GDPR) is a legal framework that defines requirements related to the collection and processing of personally identifiable information (PII) for individuals who live in the European Union (EU). If your organization holds or processes the PII of EU citizens, it is within the jurisdiction of GDPR.
- Lawful and Transparent Processing
- Data Subject Rights
- Data Breach Notification
- Data Protection Officer
- Privacy by Design
- Data Limitation of Purpose and Storage
- Data Transfers
- Data Protection Impact Assessments
- Awareness and Training
The GAI Cyber team is here to help, and has a multi-phased approach to ensuring your organization is and stays compliant:
Examine all the locations and types of PII that your organization stores, processes and transmits. This will allow us to properly scope and focus compliance efforts.
Data Privacy Impact Assessment
Determine the amount and sensitivity level of all relevant PII your organization is responsible for. The assessment will determine the impact if the Confidentiality, Integrity or Availability of PII were compromised.
GDPR Gap Analysis
Conduct assessment procedures across the GDPR-relevant portions of your network. Our team will identify any compliance deficiencies and document them in a report.
GDPR Finding Remediation
Implement any safeguards that are needed as a result of the gap analysis findings. Our team will work with your organization to find the most cost-effective and efficient means to become compliant.
Ongoing GDPR Monitoring
Conduct ongoing annual or ad-hoc assessments to re-validate your GDPR compliance. Networks and the data on them change frequently; our team will make sure this doesn’t affect the status of your compliance.