The General Data Protection Regulation (“GDPR”) goes into effect in May of 2018, yet many multi-national companies are still behind in preparing for compliance.

The sweeping regulation requires organizations to meet stringent data protection requirements affecting the personal data of EU citizens and for the first time also impacts companies that are based outside of Europe.

Our global GDPR services include:

GDPR Risk Assessment: Comprehensive gap analysis and risk assessment to determine the organization’s readiness to comply with the GDPR;

GDPR-Specific Technical Inventory of Personal Data Sources: Assess the corporate data universe to understand the full scope of personal and protected data that exists in the firm, where it is located and how it flows internally and externally;

Tactical and Strategic Roadmap: Delivery of tactical roadmap which contains recommendations for minimum required compliance actions by May 2018. Design of a strategic roadmap, which provides longer term recommendations in alignment with broader enterprise initiatives;

GDPR Policy Refresh: A thorough review and update of GDPR impacted policies such as relevant records, privacy, security and data policy as well as procedure documentation;

Data Remediation and System Decommissioning: Identify and take remediating actions to help reduce enterprise data complexity and streamline GDPR data compliance;

Program Design and PMO Support: Develop robust, scalable GDPR program and project plan. Develop reusable training and communications templates. Support and augment the organization’s existing Project Management Office to help operationalize GDPR compliance efforts;

Contract Intelligence: Collect and analyze your organization’s contract universe to assess risk and ensure compliance with GDPR provisions.