Interested in a free Gap Analysis?
When it comes to data, most consumers are very practical in their approach. A recent report by the Global Alliance of Data Driven Marketing Associations stated:
51% of consumers across 10 global markets are happy to exchange data with businesses providing there is a clear benefit for them.
74% of consumers confess to a level of concern when it comes to online privacy.
The majority of consumers across all markets claim they are satisfied with the amount of personal information they currently exchange.
The primary factor that encourages consumers to exchange personal data with industry is the overall level of trust in the specific business or organisation. The introduction of the GDPR has done a great deal to help build trust and has sparked a global refresh of data privacy laws with similar provisions to those contained within the GDPR.
After the GDPR was introduced in May 2018, many firms went to great effort to comply with the regulation.
Smaller firms tended to limit their compliance activities to “Policy Compliance” (ensuring privacy policies were updated, etc.).
Mid-Sized firms completed paper (or electronic paper) compliance activities that include creation of their Article 30 records of processing activities (RoPA), cataloguing their data inventory and completion of the necessary PIAs and DPIAs.
At the top-end, larger firms and global enterprises installed tools and platforms to assist with their advanced compliance activities aimed at delivering effective on-going compliance and with the hope of achieving experiential privacy.
Your eye on data compliance, every day
We are all about privacy compliance, because this matters to our customers. Therefore, we respect and promote privacy compliance within our own organisation first, and demonstrate high standards to our customers.
It will feel like we are behind the scenes experts with zero interruption to your business-as-usual plans, delivering you a high quality, value added, privacy strategy.
The 6-Stage Process
How we help
Our approach is based on five decades of experience delivering privacy services to clients around the world and often starts with a Privacy Risk Assessment (PRA) - A systematic evaluation of how personally identifiable information is collected, used, shared and maintained by an organisation. The privacy risk assessment process provides business teams with the greatest opportunity to shape the evolution of products and services for successful business outcomes with as few privacy risks as possible.
STAGE 1: MAPPING
Through a series of interviews and investigations we work quickly and non-intrusively with your team to find any personally identifiable data collected or used in the product or processes at issue
STAGE 2: RISK CLARIFICATION
The Data Inventory is mapped to the relevant products, systems, business processes, and data elements are classified according to purposes, uses, legal basis and associated risk levels
STAGE 3: POLICY AND PRACTICES COMPLIANCE REVIEW
We then analyse your stated privacy policies and data management practices alongside the applicable frameworks dependent on the nature and location of the relevant product or processes. Our methodology includes a broad look at risk factors, including those introduced by service providers, vendors and other third parties.
STAGE 4: FINDINGS AND RECOMMENDATIONS
From the compliance review, we provide you with Findings Report. For each gap, we provide a recommended remediation measure, with required and best practice changes, risk mitigation strategies and possible tools to enable seamless compliance.
STAGE 5: POLICIES AND PRACTICES CHANGE GUIDANCE
Armed with our gap analysis and remediation recommendations, we can assist in the development of policies and training programs, provide sample language and templates, and validate remediation steps.
STAGE 6: TAILORED ON-GOING COMPLIANCE STRATEGY
Where appropriate we will discuss and recommend an on-going, flexible privacy strategy to best support your organisation meet its global compliance requirements. This could include interim support through to fully outsourced data protection privacy officers.
Our Territory Expertise
Our vast experience with business across many markets in assessing and implementing global privacy law compliance strategies has resulted in two tailored programs being developed for specific business sectors
We’ve delivered privacy strategies for over 400 customers globally in more than 90 countries in 28 languages