GDPR Compliance Framework for Analytics Company

Problem Statement

The customer pursued CSA STAR certification and a review of its information security program to address investor and customer requirements on information security and cloud security.

Services Delivered

  • Assessed readiness for and compliance with GDPR requirements for an insurance company
  • Studied the legal contracts to identify requirements on privacy and security controls
  • Identified additional privacy and security control requirements mandated by GDPR, if any, to be incorporated into contracts
  • Conducted a Gap Analysis of the existing data protection practices (documentation, process and technology controls) against GDPR and provided a Gap Assessment report
  • Provided recommendations for remediation for each identified gap
  • Conducted a Privacy Impact Assessment, identifying personal information and the corresponding impact of a breach
  • Developed policies and procedures to meet security requirements outlined by GDPR
  • Developed training content on GDPR requirements

Value Provided

  • Conducted a comprehensive assessment against GDPR requirements
  • Identified risks and corresponding remediation measures required to ensure compliance with contractual obligations and internal requirements
  • Developed policies and procedures to meet GDPR control requirements
  • Provided guidelines and assistance as part of implementation support
  • Increased awareness of GDPR requirements