The General Data Protection Regulation (GDPR) is a groundbreaking new piece of legislation that will affect every organization that processes the data of EU citizens, including those headquartered outside the EU. Organizations around the world are working overtime to bring their policies into compliance by May 25, 2018 deadline. With so little time to prepare, companies need to be taking aggressive steps to align their compliance programs with the regulation and begin any remediation efforts.
As the experts in data risk management and compliance, Focal Point has been developing information mapping programs, roadmaps to compliance, and governance strategies around the GDPR regulation since it was passed in the EU Parliament in April 2016. We put organizations in control of their data, giving them the tools and guidance they need to manage compliance as regulations evolve.
Our data privacy team has developed and implemented comprehensive privacy programs for some of the largest and most complex organizations in the nation. Our team consists of Certified Information Privacy Professionals (CIPP) and Certified Information System Auditors (CISA) who are proven experts in the complex privacy regulations and frameworks in the U.S. and abroad. We are currently assisting many global organizations with their GDPR readiness programs, as well as related projects in vendor risk management, data mapping and evaluation, and privacy office support.
GDPR Readiness Assessment: There are likely to be deltas between the way your business operates today and how it must operate under GDPR. A Focal Point readiness assessment specifically targets these gaps, illuminating any problem areas and bringing your path to compliance into focus. Each readiness assessment results in a detailed roadmap that is specific to your environment, people, and situation, giving you the technical and operational steps required to achieve compliance, and providing actionable recommendations on achieving these goals in your organization.
Information Mapping: Understanding how your company collects, processes, transmits and stores data – as well as how it’s used and who uses it – is the foundation of your data privacy program and the key to complying with regulations like GDPR. To map the flow of data through your organization, we go right to the source – your users. Using our proprietary survey tool, we collect usage patterns from your user base, giving you insight into the actual practices being used in the day-to-day creation and handling of sensitive data.
Information Mapping Governance: Focal Point offers a technology-enabled extension of the data mapping process, allowing you to maintain the accuracy and completeness of your data map over time. Our SaaS tool automates the survey distribution and collection process, periodically requesting updated surveys from your users. This ongoing maintenance of your data inventory prevents costly restarts and ensures continuous alignment between management’s understanding of data practices and the practical usage of data within your organization.
For more information on the steps you can take to comply with the GDPR, check out our white paper The Essential Guide to GDPR Compliance.