GDPR Compliance

The Rising Tides in Data Protection

The General Data Protection Regulation (GDPR) is a groundbreaking new piece of legislation that affects every organization handling the personal data of EU citizens, including companies outside the EU. Today, businesses across the globe are working overtime to bring their policies into compliance by the May 25, 2018 deadline, taking aggressive steps towards new requirements and remediation efforts.

Focal Point was one of the first companies to offer GDPR guidance to Fortune 500 companies. We stay ahead of the regulation changes that impact our clients, including GDPR, providing information mapping programs, compliance roadmaps, and governance strategies for global organizations in wide-ranging industries. For businesses on either side of the Atlantic, we pursue new and innovative approaches for reaching security, compliance, and strategic business goals alike.

Our team consists of Certified Information Privacy Professionals (CIPP) and Certified Information System Auditors (CISA), proven experts in navigating complex regulations and frameworks in the U.S. and abroad. We've partnered with global organizations to implement GDPR readiness programs, manage vendor risk, leverage data mapping and analytics, and support clients' privacy resources with top-industry tools and proven expertise. 

GDPR Service Offerings

GDPR Readiness Services: Focal Point's Readiness Services target the anticipated gaps between your environment's existing privacy program and the GDPR's increased demands. We have developed a process to help clients identify and manage their unique Compliance Roadmap, using our team's GDPR-centered assessments, methodologies, and frameworks.

Privacy Program Design and Implementation: Focal Point also provides Privacy Advisory Services to support our clients' efforts to enhance and mature their privacy program, aligning their security and operational goals with the GDPR and other important global privacy standards. We apply real-world experience in designing and implementing privacy program functions, including:

  • Data Protection Impact Assessments
  • Privacy by Design Implementation Guides 
  • Right to Erasure and Data Portability
  • Data Subject Rights, Consent, and Opt-In Programs

Information Mapping: Understanding how your company collects, processes, transmits and stores data – as well as how it’s used and who uses it – is the foundation of your data privacy program, and the key to GDPR compliance. To map the flow of data through your organization, we go right to the source – your users. Using our proprietary survey tool, we collect usage patterns from your user base for clear insight into the everyday practices used in creating and handling sensitive data. We identify the high-risk vendors, data flows, and IT systems surrounding GDPR requirements, focusing on (1) areas of remediation and (2) maintaining process activities in congruence with Article 30 of the GDPR.

For more information on the steps you can take to comply with the GDPR, check out our white paper The Essential Guide to GDPR Compliance.
