The GDPR readiness assessment is the first step on your journey to GDPR compliance.

We make use of an assessment toolkit, especially for small and medium-sized organisations, and sole traders. The assessment will help us understand, at what point your organisation currently stands, regarding the incorporation of the Regulation into your organisational processes and staff awareness.

Supported by your staff we will complete the initial GDPR readiness assessment, in two one on one sessions of two hours duration each. Subsequently, we will analyse your answers and create a comprehensive report showing the areas, in which your organisation is already compliant and those on which you still need to work - if there are any.

Based on the assessment we will then develop an action plan, a road map to compliance, including recommendations on how to proceed in your further GDPR implementation journey.

It is important for an organisation to manage personal information properly in order to be compliant with the regulation and as a safeguard for potential risks involved.
A Data Privacy Program provides guidance for ongoing business operations and staff, regarding the proper handling of personal data, based on a defined set of standards.To ensure compliance with the GDPR, it is recommended that organizations setup an effective data privacy program. In order to do so Data Privacy experts have various regulatory frameworks to consider. Furthermore, of business functions, as well as business systems and architecture is essential.

Usually, organisations designate a Data Protection Officer as data privacy allrounder with the task, but proper implementation into organisation processes can be time consuming and is more technology-related than just covering the legal aspects of the Regulation. GDPR requirements have a deep impact on business functions and the processing of personal data.

As Data Privacy Engineers, projectEzone possess the required expertise and support for organizations to incorporate the Regulation into business and IT processes.

A carefully performed inventory of personal data processing operations is a crucial first step in the operational response to the GDPR. The aim of this inventory is a comprehensive evaluation of business processes and data used in privacy-related business functions. The outcome of this evaluation process is essential for building a privacy program that complies with the regulation.

The Data Inventory provides a solid foundation to establish a lawful basis for processing personal data, transparency to data subjects and meeting their other data protection rights, knowing when and how to gather and record consent, and more. For all these purposes it is imperative to have a thorough understanding of what data is collected, how it is processed, and with whom it is shared.

projectEzone can guide you through this journey by providing suitable templates, coaching your staff if necessary and, most importantly, reviewing the Data Inventory documents in order to ensure that expected quality standards are met.

The GDPR requires organisations in the EU and outside the EU to apply the Data Protection by Design and by Default principle to all business procedures and IT implementations that use personal data of EU residents. In this respect, Privacy by Design is not just an implementation of privacy-enhancing technologies, it is a process involving various technological and organisational components. This is the most comprehensive concept of all GDPR requirements, in that it impacts not only processes, but also business architecture and systems.

It is not uncommon that the implications to existing and future business and IT processes are underestimated or simply overwhelming for most organisations. Since experienced human resources are scarce and often not required full-time, organizations may find it helpful to hire an external specialist temporarily. projectEzone provides seasoned privacy engineers to overcome skill shortages, as required by clients.