Data Protection and Privacy
8. GDPR Maturity Assessment
The European Union (EU) General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the EU and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and of human rights law. It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR’s primary aim is to enhance individuals’ control and rights over their personal data and to simplify the regulatory environment for international business. The GDPR covers data protection and privacy for all individual residents of the EU and the EEA.
It’s all about knowing your People, Process, and technology better to understand when, how, what, and why your business functions gather, use, manage, and store personal data. Also, knowing the definition and scope of personal data based on the applicable privacy legislation to your business because privacy rules have different definitions of the personal data in different geographics.
Cybermatic started working with enterprise organizations in the private and public sector as early as the GDPR was put into effect on May 25, 2018. We are helping them to identify their gaps and providing them an actionable, customized roadmap to achieve their privacy goals by providing the below services:
- Data Protection Impact Assessment: Identify the actual or potential effects that a proposed or existing information system, technology, program, process or other activity may have on an individual’s privacy. [Service 7]
- Data Protection Review: A review of existing privacy and governance structures covering data protection principles, and processes and identifying the gaps.
- Providing GDPR Compliance Roadmap: A high-level roadmap to help you overcome the identified compliance gaps, and prioritize key work areas that need to be improved on to demonstrate compliance including Data Controller, Data Processor, and Data Protection Officer (DPO) roles and responsibilities and consultation on adopting and implementing a data management and governance tool.
- Privacy Awareness Program: Consultation on implementing a privacy awareness and training program for your employees at all levels to satisfy the regulation requirements and improve your staff’s awareness. [Service 18]