Maintain and Remediate
Maintenance and remediation
Remediate your data privacy operations and establish robust procedures to keep your data privacy information up to date.
Maintenance and remediation outputs
- Data classification
- Process transparency
- Minimised personal data
- Data retention and deletion processes
- Data subject rights processing
- Proportionate and adequate personal data security
- An organisation-wide control structure
- Managed reviews, oversight, monitoring and maintenance
- Outsourced services, support and tools to keep you compliant
When your unified data privacy framework is operational, you will use it to manage, improve, maintain and remediate personal data processing throughout your organisation under the guidance of the framework. In addition, you will have the flexibility to run in BAU and kick-off focused projects. Whatever your choice, your unified data privacy framework facilitates an orderly transition towards better personal data protection.
The purpose behind implementing your unified data privacy framework is so that you can demonstrate a willingness to comply with data protection regulations.
We frequently get asked, “what does GDPR data protection compliance mean?”. We have the answer, but we cannot claim ownership because it came from the UK’s ICO to answer our request.
To demonstrate GDPR compliance, an organisation must …
- Show respect for the 6 GDPR principles.
- Have implemented appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with this regulation (the GDPR).
You are compliant if you have implemented a framework based on the GDPR’s six principles and are now operating within the framework. This does not mean that every piece of personal data held by your organisation has been remediated; it does mean that you address GDPR and PECR data protection using a compliant framework. Data privacy compliance is a journey, possibly without end, so you are allowed to address unresolved data privacy issues as long as you do so within a data privacy compliant framework.
WHAT WE WILL DO
Risk assess each business area using a standard set of risk indicators
Establish remediation sequencing using the risk results
Perform the remediation using a two-step process.
- Step one: build the remediation process for remediating the sequenced business areas.
- Step two: apply the same remediation process across the rest of the business areas in a risk-rated sequence.
WHAT WE WILL DELIVER
The output of the remediation is a set of detailed artefacts demonstrating:
- Data classification
- Process transparency
- Minimised personal data
- Data retention and deletion processes
- Data subject rights processing
- Proportionate and adequate personal data security
- An organisation-wide control structure
- Managed reviews, oversight, monitoring and maintenance
- Outsourced services, support and tools to keep you compliant
WHAT YOU GET
PEACE OF MIND
Our unified data privacy framework and operating model enable you and your Directors to answer confidently regarding the personal data you hold:
- What personal data do we use?
- Where is it?
- For what purposes is it being used?
- How secure is it?
- Can I demonstrate Accountability* to the Supervisory Authority (the regulator)?
* Accountability is the ability to demonstrate respect for data protection principles (e.g., the 6 GDPR principles) and evidence of the implementation of appropriate technical and organisational measures.
SOLUTIONS MENU
Audit & Assessment
Framework delivery
Maintain & Remediate
Training
Data Protection Officer
EU Representative
Site directory
Certifications
Data Protection Controls
Head Office
Calle de la Caléndula 93, Miniparc III, Edificio E, 28109, Alcobendas, Madrid, Spain
Call us
+34 915 553 975
