From May 25, 2018, every organization must comply with EU Regulation No. 679/2016 (GDPR, General Data Protection Regulation).
- can be applied to every organization, regardless of size or industry sector;
- includes accountability for the organization's privacy efforts;
- relies on already available resources;
- enables proof of GDPR compliance.
This tool allows for four types of intervention:
Assessment: assessing the as-is status of the company by identifying GDPR compliance state by analyzing processes, technologies and tools. The organizational analysis is developed by determining the current degree of accountability and the key indicators that will allow to achieve the operation of processes in accordance with the GDPR.
Road Map: customized privacy management plan and necessary operations implementation for the preliminary processing of all those processes whose operations impact on GDPR compliance. The plan also includes a prioritization of the most important processes and identification of key resources for achieving and maintaining GDPR compliance.
Implementation: business process re-engineering whose operations impact GDPR compliance (accountability design and "privacy by designhe objectives defined will be achieved also through the use of advanced tools such as simulation, lean thinking and business analytics.
Ongoing compliance: policy and operations planning necessary to monitor the processes involved in data processing and to prepare the documentation of the GDPR compliance report.