GDPR Services

GDPR gap analysis

A review of your business processes and data management in line with the GDPR, which will provide a report on the recommended remediation required at a process and documentation level.

3-day analysis and interviews with key stakeholders to identify current processes that impact personal data, and a complete review of policies that affect personal data.

GDPR IT analysis

A review of your entire IT estate, including, but not limited to, current posture around Infrastructure, Business Continuity, Backup & Restoration, Remote Access, Internal & External Security, and User Controls. The results of this assessment provide recommended remediations required from a technology standpoint.

3-day technical analysis of current configurations and technology solutions in line with GDPR requirements.

GDPR data discovery and flow mapping

A detailed review of personal data within your organisation, from how it comes into the business to how it is stored, processed, accessed, retained and removed. This will provide a report on how your organisation manages personal data and the remediation required to ensure this is compliant with the GDPR.

3-day data discovery assessment (flow mapping days dependent on the number of data processes that need to be examined).

GDPR legal review

A review of your legally binding documentation, such as contracts of employment, privacy policies, website management policies, employee handbooks, client contracts, data protection policies and consent mechanisms, which will define exactly what changes are required to become compliant and detail the documentation that will be required within the organisation to become and remain compliant.

Days dependent on the number of documents needing review and amendment.

Security remediation and monitoring

Implementation, reconfiguration and monitoring of security mechanisms, behaviour, threats and vulnerabilities to ensure your IT estate remains free from breach and has appropriate mechanisms to recover quickly from a breach.

Days dependent on scope of work.

GDPR Services

Before WannaCry hit the headlines in May 2017, the most frequently talked about topic was GDPR: what it means, what impact it will have on the way our businesses operate, the changes we need to make, and the extra precautions and mechanisms required to prevent significant fines.

GDPR (General Data Protection Regulation) will apply throughout the EU from the 25th of May 2018 and will become legislation that cannot be ignored, even with the UK triggering Article 50 (Brexit). It represents the biggest change in EU regulations for Data Privacy in over 30 years.

What’s important to realise is that GDPR, Cyber Security and Compliance have significant areas of crossover and have aims that are not too dissimilar. Planning for one will also assist in providing for the others.

WannaCry was a stark reminder to organisations of how important it is to keep their data and systems protected. GDPR reinforces the importance of privacy and security around personal data held by businesses. Protecting your data adequately goes a long way to preventing impact from cyber-attack and keeping your business GDPR compliant.

High-profile security breaches are becoming commonplace in the news. Organisations must prioritise their investment in the coming months both to achieve GDPR compliance and to protect their business's future.

Becoming GDPR compliant is a positive step towards securing your business's, your customers' and your employees' data from cyber threats, as well as providing a managed platform for data privacy.

The ICO will look more favourably on organisations that have taken reasonable measures to protect personal data and can provide evidence for this.

XC360’s dedicated GDPR experts will provide the necessary tools and advice to help you become compliant no matter which stage of the GDPR journey you are at.

Whether you need gap analysis, data discovery, legal review, IT systems readiness review or need to implement a complete GDPR project, XC360 can assist.

All services are costed around the size, nature and complexity of data and processes as well as the organisational and technology structure in place.

Get in touch now to get your GDPR project underway.

Supplementary GDPR Services

GDPR staff awareness

This will provide your team with the necessary knowledge to handle personal data correctly and ensure your organisation remains compliant through each employee’s actions.

  • 45-minute awareness sessions.

Third party audits

These audits will independently review the third parties involved in your organisation and their access to, processing of and control over the personal data you provide them.

  • Ensuring your vendors follow GDPR compliant processes to fit with your business
  • Re-engineering data flows and storage to meet GDPR obligations

DPIA assessments

These assessments will:

  • Identify DPIA need
  • Detail the information flow – collection, storage, processing and deletion
  • Detail the potential threats, vulnerabilities and risks to the rights of data subjects
  • Identify and evaluate privacy solutions and risk scores
  • Where necessary (high risk) send the DPIA to the ICO for consultation
  • Integrate the outcomes and actions from the DPIA report into your project plan.
