What does GDPR stand for?

GDPR stands for the General Data Protection Regulation and was passed by the European Parliament, the Council of the European Union and the European Commission. It is meant to replace the Data Protection Directive and supersede the Data Protection Law of 1998 in the United Kingdom. GDPR is one of the largest data protection laws passed globally and affects more than just EU citizens and EU corporations.

What Is GDPR?

GDPR is, like the Data Protection Act before it, an Act that seeks to strengthen data protection of individuals. More so than any Act before it, the GDPR encompasses the full European Union and addresses personal data outside of the borders of the E.U. The full scope of the GDPR encompasses not just data subjects of entities within the E.U. but also any processor – cloud-based or otherwise – that is based in the E.U. For example, a United States-based company with a client in the E.U. is just as liable for a breach of data as an organization physically located in the E.U.

For more information on whether GDPR will affect you, visit the OAIC.

Whilst the rules of GDPR are complex and involved, the overarching goal is deceptively simple: to make organisations protect personal data at all times. It also gives new and improved rights to data subjects, limiting who can do what with their data. The specific requirements of GDPR will vary depending on the nature of your business and how you interact with personal data, so it’s best to enlist the help of dedicated, experienced GDPR consultants to start your compliance journey.

Terrafirma tailor our GDPR implementation packages to suit your organisation’s unique requirements, based on the findings of the analysis. The number of consultancy days an organisation requires therefore varies based on their size and the complexity of the compliance remediation work. Typically, this ranges from 5 to 15 days, with smaller organisations needing fewer days.

GDPR Analysis: What’s involved?

Terrafirma GDPR analysis explores your business policies, processes and technology to identify areas in need of improvement for GDPR compliance. It covers areas such as:

  • Governance
  • Risk management
  • GDPR resourcing
  • DPO (Data Protection Officer)
  • Roles & responsibilities
  • Scope of compliance
  • Personal data processes
  • PIMS & ISMS
  • Data subject rights

GDPR Implementation

Based on the findings from the gap analysis, Terrafirma provides a customised implementation plan to deliver the most cost-effective GDPR compliance.

With a deep understanding of the practical realities of GDPR implementation across a broad selection of industries, our certified consultants provide fine-grain guidance across all business areas, leveraging their years of experience.

On-going Support

GDPR compliance is not a once-only isolated exercise – rather it’s a continuous business approach to data privacy and security. Bulletproof provides a full range of on-going support services, including:

  • Outsourced Data Protection Officer (DPO)
  • GDPR Staff Training
  • Security Awareness Training
  • Penetration Testing

GDPR and data privacy advice package

Are you managing your GDPR implementation internally but need some support? We offer a Data Privacy Advisor package. This is ideal for organisations who require assistance on the journey to compliance.

There is a growing requirement for organisations of all sizes to understand and comply with data protection and data privacy regulations, but many do not know where to start or they require assistance.

Our Data Privacy Advisor package is offered as a calls-only function, providing up to two hours of support each month to assist your journey to GDPR compliance.

Get started from $326 per month.