DATA PROTECTION IMPACT ASSESSMENTS
GDPR Article 35 states a DPIA is required "where processing, in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, may result in a high risk to the rights and freedoms of natural persons." A DPIA will require a team of people with knowledge of the organisation's systems. Integrated Data can help you structure the DPIA to be recorded it in the corporate risk register.
Where is your organisation most at risk of a fine? A gap analysis will review extensively all the areas where you may be non-compliant and at risk. It includes governance structures, risk and asset registers, contracts with processors, data security standards, consent control, HR procedures, data ownership etc.
Do you fully understand the implications of GDPR and what is Personally Identifiable Information (PII)? Key members of staff must understand their responsibilities toward PII, and the likely penalties for non-compliance. We offer training for all levels.
Every organisation holds personal data, whether customers' data, or personnel records. With our expertise, template forms, and software packages from our trusted partners we can get you up and running really quickly, and minimise your risk before the deadline of 25th May 2018.