Providing clarity and consistency through your GDPR journey

On 25th May 2018, the General Data Protection Regulation (or GDPR), a European privacy law is due to take effect that sets a new global bar for privacy rights, security, and compliance. 

The purpose of GDPR is to give data subjects back the control over what information businesses hold about them. The legislation demands transparency and easily accessible policies with regards to the processing of personal data.

GDPR therefore imposes new rules on organisations in the European Union (EU) and those that offer products and services to the people in the EU, or those that collect and analyse data to EU citizens, no matter where they are located. That means companies outside of the EU could also be impacted. 

This paradigm shift in how organisations govern, manage and protect personal data while respecting individual choice - no matter where the data is sent, processed, or stored - is going to have huge consequences if not adhered to. Any organisation that doesn’t comply can face a fine up to 20 million Euros or 4% of their global annual turnover – whichever is highest. So, it is obviously a no-brainer that you should ensure you can comply.

GDPR Journey

Preparing for the GPDR is complex. As a Microsoft Gold partner, we have assurance that Microsoft are updating the features and functionality in all of their services to meet the GDPR requirements, and they are updating their documentation and customer agreements to reflect this. Through Microsoft’s cloud services and on-premises solutions, we can help you locate and catalogue the personal data in your systems, build a more secure environment, simplify your management and monitoring of personal data, and give you the tools and resources you need to meet the GDPR reporting and assessment requirements. This can be summarised by four vital areas: Discover, Manage, Protect, and Report. You can take the quick GDPR Essential Assessment to benchmark where you are on your compliance journey.

Discover: Identify what personal data you have and where it resides

The first step towards GDPR compliance is to assess whether the GDPR applies to your organisation, and, if so, to what extent. This analysis starts with understanding what data you have and where it resides.

Manage: Govern how personal data is used and accessed

The GDPR provides data subjects - individuals to whom data relates - with more control of how their personal data is captured and used. Data subjects can, for example, request that your organisation provides information on the processing of data that relates to them, transfer their data to other services, correct mistakes in their data, or restrict certain data from further processing in certain cases. In some cases, these requests must be addressed within fixed time periods.

Protect: Establish security controls to prevent, detect, and respond to vulnerabilities and data breaches

Organisations increasingly understand the importance of information security - but the GDPR raises the bar. It requires that organisations take appropriate technical and organisational measures to protect personal data from loss or unauthorised access or disclosure.

Report: Execute on data requests, report data breaches, and keep required documentation

The GDPR sets new standards in transparency, accountability, and record-keeping. You will need to be more transparent about not only how you handle personal data, but also how you actively maintain documentation defining your processes and use of personal data.

GDPR Essential Assessment

ClearPeople are here to help you through this GDPR Journey. The GDPR Essential Assessment package is geared to making GDPR compliance as frictionless as possible. Fill in the form below to take Microsoft’s quick assessment, an online self-evaluation tool available at no cost to help your organisation review its overall level of readiness to comply with the GDPR. Once completed, you’ll be able to download a report of your readiness and make a decision if you’d like one of our experienced consultants to go through a more detailed assessment with you.

Disclaimer: This GDPR Assessment is intended to assist organisations with assessing their GDPR compliance progress.  The GDPR Detailed Assessment is provided for general public informational purposes only.  Any results, scoring or recommendations produced by the GDPR Detailed Assessment should not be relied upon to determine how GDPR applies to an organisation or an organisation’s compliance with GDPR, and they do not constitute legal advice, certifications or guarantees regarding GDPR compliance.  Instead, we hope the GDPR Detailed Assessment identifies technologies and additional steps that organisations can implement to simplify their GDPR compliance efforts.  The application of GDPR is highly fact-specific. We encourage all organisations using this GDPR Detailed Assessment to work with a legally qualified professional to discuss GDPR, how it applies specifically to their organisation, and how best to ensure compliance.

Take the GDPR Essential Assessment

More details

How much do you know about GDPR?

Read more

Read Microsoft's GDPR Journey Starter's Guide


Do you have more questions?


Take the GDPR Quick Assessment