The recent Facebook data breach, along with the General Data Protection Regulation (GDPR) which came into effect in the European Union on May 25 this year, has made personal data protection a top-of-mind priority for companies and chief information officers. While the data breach has made individuals aware that even the most trusted companies don’t always protect the personal data they hold, the GDPR will now be able to hold enterprises accountable as custodians of that personal data.
Helping organisations become compliant with the new data protection regulation is what GDPR365 has taken on by converting 88 pages of complex legal documentation into a cloud-based compliance management solution. Founded by a team of highly experienced entrepreneurs, the Amsterdam-based firm has developed a way to streamline the legal and regulatory requirements of the GDPR. The firm’s comprehensive solution addresses the whole range of data protection requirements, from employee training and the implementing of processes to the recording of documentation needed to show compliance. It also contains tools and workflows to manage risk assessments and reviews of consent management practices, digital marketing practices, HR and IT practices, and the handling of personal data breaches and data protection impact assessments.
Amsterdam-based GDPR365 provides companies with best of breed GDPR compliance solutions to ensure adequate data protection processes and documentation are in place
An initial interview identifies the needs of an enterprise and assesses its existing processes. GDPR365 then provides a customised data protection toolkit with specific compliance solutions for that enterprise. The intuitive user interface makes the GDPR365 platform easy to use, even for users who don’t have detailed knowledge of data protection regulations.
Eckert describes how French Duncan, a reputed accountancy and business advisory firm was attracted to using GDPR365 because it addressed the principle of accountability introduced by the regulation. The Glasgow-based company, which comprises more than 200 chartered accountants and performs routine transactions involving large quantities of sensitive customer data, is using GDPR365 to resolve its own data protection needs but is also offering it to its clients as a service via GDPR365’s cloud-based hub.
In addition to delivering a cutting-edge data protection compliance solution, GDPR365 facilitates the generation and management of data processing agreements, offering multilingual data privacy notices in line with the regulation’s stipulation that individuals be able to access them in their own language.
The firm emphasises that becoming compliant with the GDPR isn’t a one-off exercise. The process requires a philosophical and operational shift in how organisations protect and use personal data, and maintaining compliance is an ongoing effort.
“GDPR compliance calls for a change in mind-set, and we hope organisations will soon see the competitive advantage that compliant organisations will have over non-compliant organisations,” concludes Chesselet.