General Data Protection Regulation Audits
GDPR (General Data Protection Regulation) is to guarantee "data protection by design", which means making the protection a vital element of the development of products and services.
We can help you ensure that it is so in your case. As a result, your company will receive professional assistance in planning the implementation of a major change in business operation.
This is how we go about it:
- STAGE 1 – preliminary system evaluation (3-5 days)
We strive to get a clear view of your operations in terms of: security and privacy by design, information duties and procedures, methods of data collection, breach notification schemes, exercise of individual rights or data portability. Based on that, we make draft recommendations for how to effectively fulfill GDPR requirements.
- STAGE 2 – preparation to securing the data (2-4 weeks)
We inspect the maturity of the systems used in personal data processing and carry out risk analysis according to Comarch's internal process templates. This revolves around IT topics like encryption, data backup, logging, UserID operations, and non-IT ones like physical security and document lifecycle. We then discuss draft recommendations specified in Stage 1 with you, propose concrete IT solutions, and draw a roadmap for achieving GDPR compliance.