GDPR Compliance

How can you comply with the GDPR and the transposed local privacy legislation in a pragmatic way?

clipeum is a certified data protection officer and ISO 27001 lead auditor and has profound expertise in business process management, risk management and compliance, combined with excellent project and change management skills. Furthermore, clipeum works together with business partners with specific expertise (legal, ICT technical), which allows us to offer a global solution to our customers. As a result, clipeum is well positioned to assist your organization on its GDPR/AVG compliance journey.

clipeum offers a wide range of privacy-related services to assist your organization with the implementation of the European General Data Protection Regulation (GDPR) and the transposed local privacy legislation:

 1. Monitoring, coordinating and/or supporting your organization in a practical and customized way during the full duration of the GDPR compliance project or during specific stages of the GDPR compliance project with (amongst others):

  • Assisting your organization with becoming knowledgeable about the European and relevant local privacy-related legislation, and with identifying the specific impact on and the specific needs of your organization.
  • Creating the data register, which contains all personal data processing activities at all (national/international) locations of your organization.
  • Executing a risk assessment or risk scan based on the collected information, resulting in a GDPR compliance gap analysis report.
  • Evaluating the risk assessment/gap analysis report and setting up a pragmatic GDPR action plan with technical and organizational measures, customized to your organization.

 2. Executing supplier assessments

 3. Setting up a new data protection and/or data governance policy or optimizing the existing policies (e.g. information security guidelines, data breach procedures, privacy notices, data storage procedure, etc.)

Has your organization already started the GDPR compliance project, but you find that you do not have enough expertise or resources to achieve GDPR compliance? Then clipeum also assists your organization with the continuation of the GDPR compliance project (non-exhaustive):

  • Evaluation of the executed risk assessment.
  • Evaluation of the “AS IS” situation: inventory of the activities/tasks already carried out and the action plans already implemented in view of the GDPR compliance project.
  • Identification and planning of the activities still to be performed.
  • Assistance with the execution of the activities still to be performed.
  • Assistance with the implementation of the outstanding action plans.

During the GDPR compliance project, clipeum considers other relevant European and local privacy-related regulations (such as the E-Privacy regulation), and the European guidelines transposed into local legislation (such as the transposed NIS directive[1]).

Interested? 

Would you like to make sure that your organization is and stays compliant with the new European and the relevant transposed local privacy legislation? Then we are happy to come by. Contact us at frederik.vervoort@clipeum.be or give us a call at +32 473 91 05 80 for more information.

 

[1] The NIS directive requires operators of essential services (OES) and digital service providers (DSPs) established in the EU to implement technical and organizational measures to manage risks that threaten the security of their network and information systems. This directive, which uses ISO 27001, ISO 22301 and ISO 27035 as reference standards, was transposed into Belgian legislation in March 2019.