GDPR Healthcheck

Page 1

GDPR is now live and everyone should be compliant. In reality, the majority of UK businesses have yet to implement a full and compliant process. Compliance with GDPR is mandatory, cost of fines and legal actions are heavy and reputation damage high following breaches. However, GDPR can present great opportunities for organisations to understand what and where their data is held, to review and improve security and to enhance their client experience and trust. The Health Check is part of our GDPR Integrated Technology and Solutions (“GDPR-ITS�) which offers end to end support for your GDPR requirements. GDPR-ITS includes C-Hub, our web-based GDPR portal which provides the framework and key steps required to implement GDPR from any gaps identified in the Health Check. See overleaf for a step by step guide through this process, and how we can help you.

www.3ldc.com

+44 (0)20 7129 1270

gdpr-its@3ldc.com


Twelve Points To Support GDPR Health Check 1

2

3

Governance • Accountability • Structure • Oversight

Regulation Assessment • Highlight regulatory change • Analysis of impacts to your business

PII Audit • Identify PII data • Risk assessment of PII data held

6

5

4

Consent Management • How gain consent • New products & services

Privacy Policy • Adequacy of policy in place • Updating & maintaining policy • Communication & opting in/out

Policies & Procedures • Policies required (IT, HR, etc) • Supporting procedures

7

8

9

Individual Rights • Portability • To be forgotten • Amendment • Erasure

Breach Management • Identification, impact assessment & mitigation • Escalation & reporting • Lessons learned • On going monitoring

Info Security • People • Systems • Process

12

11

10

Data Processors & Sharing Data • Legal contracts • Monitoring & assurance

Change Management • DP Impact Assessments • New processes & systems • New suppliers/data processors • New management & staff

Training & Awareness • Awareness training • SME training • Exec/Senior management training • Partners & outsourced services

Your Solution If you require further support, 3LDC’s specialist advisory team has created GDPR Integrated Technology and Solutions (“GDPR-ITS”) which offers end to end support for your GDPR requirements. GDPR-ITS draws together a partnership of experts to provide a suite of the key components encompassing consulting, technology and legal to systematically guide and support you through a successful GDPR programme. This service encompasses key areas including the Health Check, the 3LDC GDPR C-Hub, policies and procedures, data interrogation, data protection (encryption of mails and folders), IT security enhancement recommendations, legal advice and insurance. All provided in an integrated manner, by 3LDC and our partner firms.

For advice or guidance on GDPR-ITS please contact Nigel Tuppen or Nick Murphy GDPR Integrated Technology and Solutions at Email: gdpr-its@3ldc.com

3 Lines of Defence Consulting Limited 67 Grosvenor Street, Mayfair, London, W1K 3JN

www.3ldc.com

+44 (0)20 7129 1270


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.