THIS IS NOT A WHITEPAPER!
This is a BLUEPRINT designed for IT and business professionals who need practical best-practice research, tools, and templates to move quickly to action and to better understand and address GDPR compliance and regulatory requirements. The publisher delivers practical research that delivers measurable results.
GDPR is here to stay! Many organizations struggle with the notion of a global data privacy regulation. Some question the enforceability of such a wide set of regulatory criteria, while many are concerned about their potential exposure and unsure of where to start.
It is important to understand that the General Data Protection Regulation (GDPR) is the first of many enhancements to worldwide data privacy standards. Other jurisdictions, such as the US (various states), Canada, and Australia, are following GDPR with updates to their privacy regulations.
With this unstoppable freight train of inevitable and improved data privacy baselines, the GDPR should be seen as a framework for an organization’s data privacy efforts. Organizations should embrace GDPR’s risk-based and pragmatic approach to data privacy.
This research will help you:
1. Understand the regulation’s applicability and the risks imposed by GDPR.
2. Develop a defensible position for your internal and external stakeholders.
3. Lay the foundation for future data privacy regulations and directives.
Follow our methodology to move towards GDPR compliance. The Blueprint includes a step-by-step approach to fast-track your GDPR compliance efforts.
The Blueprint includes best-practice research and Excel-based tools and Word templates that your organization can use for your own purposes:
- GDPR RACI Chart (Excel)
- Record of Processing Template (Excel)
- Data Protection Policy Template (Word)
- Organizations often tackle compliance efforts in an ad hoc manner, resulting in an ineffective use of resources.
- The alignment of business objectives, information security, and data privacy is new for many organizations and it can seem overwhelming.
- GDPR is an EU regulation that has global implications; it likely applies to your organization more than you think.
Our Advice - Critical Insight
- Financial impact isn’t simply fines. A data controller fined for GDPR non-compliance may sue its data processor for damage.
- Even day-to-day activities may be considered processing. Screen-sharing from a remote location is considered processing if the data shown on-screen contains personal data!
- This is not simply an IT problem. Organizations that address GDPR in a siloed approach will not be as successful as the organizations that take a cross-functional approach.
Impact and Result
- Follow a robust methodology that applies to any organization and aligns operational and situational GDPR scope. Info-Tech's framework allows organizations to tackle GDPR compliance in a right-sized, methodical approach.
- Adhere to a core, complex GDPR requirement through the use of our documentation templates.
- Understand how the risk of non-compliance is aligned to both your organization’s functions and data scope.
- This blueprint will guide you through projects and steps that will result in quick wins for near-term compliance.