The changes to the data protection environment in Europe brought about by the introduction of the EU GDPR which will be enforced from 25 May 2018, makes it mandatory for organisations that process personal data of EU citizens to review and update their operational, administrative and technical processes in order to adequately comply with the Regulation when it is eventually enforced in 2018. The UK Information Commissioner’s Office has confirmed that UK organisations are still expected to comply with the GDPR despite Brexit. If the UK wants to trade with the Single Market on equal terms UK data protection standards would have to be equivalent to the EU’s General Data Protection Regulation framework starting in 2018.
What we Offer
Our consultants can help you comply with the requirements of the UK Data Protection Act 1998 (DPA) as well as help your organisation prepare policies, systems and processes for the requirements introduced by the European General Data Protection Regulation (GDPR). Our experienced team of Information Governance managers will provide you with the necessary expertise to implement a risk based privacy assurance corporate model that meets the requirements of the data protection legislation. Our data protection compliance work will start with an initial gap analysis to inform the appropriate improvement plan that will be implemented to ensure your organisation meets its compliance needs. Infinitic can help your organisation achieve its privacy goals and compliance obligations against the GDPR.
Our consultants recognise that data protection is not only about understanding the law; it is now a field where legal and regulatory knowledge are no longer the main key for organisational compliance but our consultants have the relevant operational skills and know-how to deliver effective compliance within your organisation. Our consultants do not only know what the law says but have adequate skills and knowledge in performing operational practices such as impact assessments, information risk assessment, data breach handling, handling data subject access request and contract monitoring and reviews etc.