General Data Protection Regulation
GDPR Is Here – Now What?
Microsite Hero Description
GDPR consulting services help organizations identify common GDPR gaps and develop remediation plans
General Data Protection Regulation
Body
NEW: GDPR FAQ Guide
We are pleased to share our GDPR FAQ Guide, created in partnership with Robert Half and the multinational law firm Baker McKenzie to help organizations understand, prepare and operate under the GDPR. This guide covers the GDPR basics and focuses on critical areas such as third-party risk, data-privacy rights, consent management and privacy notices.
Protiviti designs holistic and comprehensive approaches to GDPR compliance, supporting privacy and security by design, assessing readiness, and helping businesses better understand their data-privacy posture. In addition, our compliance solutions cover people, processes and technologies to help drive sustainable and effective privacy programs.
We will work with you to build your organization’s GDPR program, including consultation on the following:
- Regulation interpretation – analysis and advice
- Gap remediation with leading practices – including design and implementation of third-party risk, data-privacy rights, data governance and privacy notices
- Compliance solutions – people, process and technology execution for an effective cybersecurity and privacy program
- Compliance management – monitoring and maintaining controls going forward.
We support clients during all stages of their GDPR compliance efforts. Our organization integrates global consulting talent from different practices and backgrounds to provide you with a custom team to address your GDPR needs, including functional expertise from our Global Security and Privacy practice and our Data and Analytics teams and legal and privacy support from Robert Half Legal.
Watch our video: What is next around privacy programs?
How Protiviti Can Assist:
- Discovery and Planning: Inventory of GDPR Data Sources with Their Criticality Template
- GDPR Gap Analysis and Results
- Compliance Roadmap and Supporting Report
- Gap Remediation: Remediate and Implement Solutions
- Post-Regulation Date: Assessing Controls in Place or Maintaining Controls That Have Been Implemented
- Global Capabilities to Deliver GDPR Expertise for Clients
“Protiviti did a great job in helping us to address the privacy challenge with a very strong risk-based approach and had a very pragmatic blended team that provided us several valuable solutions and very effective change management communication materials to address all the organizational and technology impacts required by new privacy regulations.”
– Compliance Officer, top listed global manufacturing company
Key Partners
Insights
Podcast: 2019 Vendor Risk Management
2019 Vendor Risk Management Survey
Video: GDPR - What next for privacy programs
The Cybersecurity Imperative: Managing Cyber Risks in a World of Rapid Digital Change
Protiviti assists organizations in achieving clarity and compliance around privacy risk governance programs, including GDPR. We help companies understand the impacts of regulatory requirements, assess and remediate processes and technologies and implement changes to achieve and maintain compliance. Our approach to GDPR compliance includes:
Discovery: Identify high-risk areas to ensure a focused approach
- Identify and inventory EU personal data including classification level, data controller, processor and exchanges
- Formal inventory of processing activities
Manage: Determine exposure and prioritize compliance activities
- Assess data collection, processing and storage, and protection measures
- Assignment of a Data Protection Officer transfers to third parties, risk assessment practices and security policies
Protect: Implement changes to achieve compliance
- Obtain executive management support and funding
- Establish compliance program structure and governance
- Identify compliance strategies
- Implement remediation plans
Report: Provide evidence of accountability and compliance
- Maintain required documentation
- Testing and validation
- Implementation of monitoring tools and processes
- Manage data requests and breach notification
The California Consumer Privacy Act
Coping Strategies to Get Ready for GDPR
Protiviti Managing Director Jeff Sanchez speaks about 'Coping strategies to get ready for GDPR' with Financial Excellence (presented by SAP) as part of the Special Edition series on Coffee Break with Game Changers.
Listen the entire conversation
With GDPR Deadline Looming, the First Step Is Discovery
Protiviti's Technology Consulting Managing Director Jeff Sanchez and Security and Privacy Managing Director Michael Walter share their insights on how organizations with EU employees or customers will be able to demonstrate compliance as new EU GDPR is scheduled to take effect on May 25, 2018.
Protiviti’s GDPR Podcast Series
Listen to our experts discuss GDPR, share how it impacts various types of organizations and functional areas, and identify common GDPR gaps and technical components.
