Skip to main content

GDPR Compliance

a snowy mountain

The General Data Protection Regulation (GDPR) is a groundbreaking piece of EU legislation that affects every organization handling the personal data of EU citizens, including companies outside the EU. Businesses across the globe worked tirelessly to meet the May 25, 2018 deadline, but compliance with the GDPR is a challenging endeavor. While some are still working through the implementation phase, those who were ready by May 25 are now facing the challenges of operationalizing their GDPR programs.

Focal Point was one of the first companies to offer GDPR guidance to Fortune 500 companies. We stay ahead of the regulatory changes that impact our clients, providing readiness assessments, program design guidance, operationalization assistance, and ongoing support for global organizations across all industries. For businesses on both sides of the Atlantic, we pursue new and innovative approaches for reaching security, compliance, and strategic business goals alike.

Our team consists of Certified Information Privacy Professionals (CIPP) and Certified Information System Auditors (CISA), proven experts in navigating complex regulations and frameworks in the U.S. and abroad. We've worked with global organizations to implement GDPR readiness programs, manage vendor risk, leverage data mapping and analytics, and support clients' privacy resources with top-industry tools and proven expertise. This has prepared us to help our clients with every phase of GDPR compliance – from implementation to operationalization.

GDPR Service Offerings

We believe that data privacy programs should constantly evolve, and GDPR compliance is no exception. From assessing your current program to managing ongoing efforts, Focal Point offers full lifecycle support for your GDPR compliance program, no matter where your organization might be on the maturity spectrum.

Focal Point GDPR Services


GDPR Readiness Services:Focal Point's GDPR Readiness Assessment targets the anticipated gaps between your environment's existing privacy program and the GDPR's requirements. We have developed a robust framework that captures all the compliance elements of the GDPR, providing a holistic view of current processes and the state of alignment.

Privacy Program Design and Implementation:We have created an approach that helps clients develop and execute tailored, actionable Compliance Roadmaps, using our team's GDPR-centered assessments, methodologies, and frameworks. We can assist with the design and implementation of various governance, operational, and technology components needed to align with the GDPR, including:

  • Policies and Procedures
  • Data Subject Access Rights
  • Consent Mechanisms
  • A Privacy-by-Design Approach
  • Data Protection Impact Assessment (DPIA) Programs
  • Third-Party Risk Management
  • GDPR-Specific System Assessment Programs

Program Operationalization: Focal Point also provides Operationalization support, assisting our clients with their efforts to enhance and mature their privacy programs, aligning their security and operational goals with the GDPR and other global privacy standards. We apply real-world experience to designing and implementing privacy program functions, including:

  • Data Protection Impact Assessments
  • Privacy-by-Design Implementation Guides 
  • Right to Erasure and Data Portability
  • Data Subject Rights, Consent, and Opt-In Programs

DPO Services: Focal Point offers co-sourced and managed services to support your ongoing privacy program functions. We provide expert assistance in DPO-related responsibilities, streamlining multi-faceted processes like managing data subject access requests. Our team is able to carry out key DPO functions, including:

  • GDPR Awareness Development and Training
  • Compliance Program Oversight and Monitoring
  • GDPR Communications Management

Learn More


Explore our GDPR Resources library to learn more about GDPR compliance - from lawful basis to de-identification methods. 


tweets by @FocalPointDR

Loading Tweets...