The GDPR represents one of the greatest regulatory changes in how personal data is processed and stored.
The Intuity compliance consultancy team have designed a series of services that provide the insight and guidance needed to ensure ongoing observance of obligations.
With privacy-by-design at the core of all actions, our GDPR service includes:
- Data Mapping & gap analysis
- Policy & procedure, review & update
- Contract review & vendor management
- GDPR awareness training
Our consultancy team can be reached at professionalservices@intuity.ie or call 0818 987 900
Policy & Procedure Review
Core to our Compliance & Regulation offering in helping our clients with the GDPR is our Policy & Procedure review and update service.
Following on from the initial data mapping exercise our consultant will look to review and update the policies & procedures required for compliance:
- Undertake a review of current data protection policies in place.
- Update your data protection policy in accordance with the requirements of GDPR, setting out your lawful processing criteria, consent management, subject access requests, data security breaches, retention of records etc.
- Prepare Privacy Policy for website, privacy statements for employees, update application form online, and add email signature disclaimers.
- Review current security and IT practices & procedures.
- Identify and implement measure to satisfy privacy by design.
Deliverables
An initial set of policies to ensure compliance with regulation.
- Data Protection and Record Retention & Destruction Policy
- IT Usage Policy & IT updates
- Employee privacy notice
- Privacy policy for website
Contract Review & Vendor Management
To ensure GDPR compliance, companies must understand how and where vendors and processors manage client/customer personal data.
Our offering:
- Identify third party vendors and processors and compile a master list.
- Conduct an audit of vendors and processors and determine what measures they have in place to satisfy privacy by design.
- Review existing vendor and processors contracts for GDPR compliance.
- Assess and manage risks posed by vendors and processors.
- Draft data processing agreements (DPA) and necessary addendums for vendors and processors to sign.
Deliverables:
- Supplier GDPR Readiness Questionnaire
- Master list of vendors/processors
- Risk register
- Signed DPAs with vendors and processors
- Service Agreements amended in line with GDPR
GDPR Awareness Training
I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.