Your company or organisation is processing personal data of your customers, clients, employees, contacts with your suppliers or members?
Any of these reside inside the European Economic Area (the European Union + Iceland, Norway and Lichtenstein)?
If the answer is “yes” to both questions, in basic, the European privacy regime is applicable to your company or organisation and we can help you make your journey to GDPR alignment a success story.
GDPR what’s that?
The GDPR or general data protection regulation is the new, massively strengthens data protection regime within the European Union and the three EFTA countries. It mostly strengthens the rights and freedoms of data subjects (all natural persons you are processing personal data from) whilst at the same time raises the bar and obligations for your company or organisation.
That bar was set pretty reasonably just over 20 years ago when in 1995 the data protection directive was introduced, followed by all the national implementations in all the member states.
The GDPR seeks to harmonise these data protection laws across Europe whilst at the same time bringing the law up-to-date with the modern digital landscape.
How much work is GDPR alignment?
That actually greatly depends on how much work your company or organisation has already done to incorporate data protection within your organisation. A lot of the basics the GDPR is mandating already existed in the data protection directive and therefore if you have implemented those in earnest, upgrading your privacy program to the levels the GDPR is mandating should partially be child’s play.
However, if you have mostly ignored the data protection regime that has existed over the last two decades, either because you did not know or did not care enough, the journey to alignment will be a more difficult and longer one to undertake.
Data protection is, but only in part, a legal topic. Although enough lawyers claim the contrary, we believe that only a mix of data protection and information security knowledge and expertise will lead to the right program to sustain your business.
Shamrock Privacy Advice (trademark of Shamrock Information Security) has over two decades of combined information security and data protection experience, therefore we are uniquely qualified to advise and assist your company or organisation with all facets on your GDPR alignment journey.
As compliancy done once is not good enough, we will help you to prepare a program that needs to become part of the DNA and culture of your organisation, grow and adapt with your company and is flexible enough to meet the changing needs legal and security requirements the quickly changing digital landscape constantly throws at you.
Contact us today to find out where we can make the difference for your company or organisation.
And remind your self: ignorance is no longer a valid option.