Accept

By using this web site you accept our use of cookies.

More information about cookies
EVRY_GI-624097524.jpg (Large).jpg

The general data protection regulation:

Are you in control of personal data?

General Data Protection Regulation

In April 2016, the European Economic Area (EEA) set in place the General Data Protection Regulation (GDPR) which will be effectuated in May 2018. This regulation affects all organizations that handle personal data within the EEA. To be compliant to the new regulation, each organization will have to put in place measurements with which they ensure GDPR requirements are fulfilled.


What is the GDPR about?

  • Increase protection of personal data
  • Strengthen individual rights
  • Increase mobility in EU’s single market

How does the GDPR require organizations to fulfill this?

  • Purpose limitation, data retention & third parties
  • Record inventory
  • Notice, consent & objection
  • Profiling restrictions
  • Right to access
  • Right to rectification & erasure
  • Data portability
  • Security measures & breach notifications
  • Privacy by design & default
  • Data Protection Officer, audits & fines

Consequences of the new regulation:

  • Data Analytics:
    • Non-compliance gives limited possibilities for cognitive analytics
  • Economical:
    • Violation charges (20 mil Euro, 4% of total global revenue)
    • Distortive competition when vendors in Barcelona or Stockholm do not have same conditions
  • Strengthened confidence:
    • Loss of control or non-compliance will negatively impact reputation
    • Customers will leave companies that cannot control their data
    • Compliance will increase customer reputation and consumer’s willingness to share their data

The GDPR leads to new opportunities:

New opportunities will occur in the area of consumer rights with even more consumer-focused software with which personal data and consent is managed. Additionally it will generate a new wave of improved Data Management capabilities in organizations to enhance, among others, Data Governance, Data Quality, Master Data Management  and Metadata Management.

Our approach towards compliance and leveraging new opportunities:

With our five-phased approach we provide the needed structure to become GDPR compliant

EVRY as a ‘Processor’

EVRY can help you become compliant within your organization. At the same time, for a number of our clients, EVRY fulfills the role of ‘Processor’ in the GDPR. The Processor is responsible for the processing of personal data on behalf of other organizations. EVRY is already working to ensure GDPR compliance in its processing role.

Our consultants can help your business through the GDPR-process:

CustomerCentric_280x158.jpg

Awareness

Awareness of privacy regulations starts with top management. No top management support, no (or limited) success

Read more
Development_280x158.jpg

Assessment

Initial maturity assessment. Prioritization for Target Setting. Familiarizing with As-Is.

Read more
Events_280x158.jpg

Target setting

Data Protection Authority Guidelines. Define Targets (People, Process & Technology). Prioritized work packages & roadmap.

Read more
Modernize_280x158.jpg

System change

GDPR Programme and Projects. Prepare & implement change. Validate compliance with Data Protection Authority.

Read more
Innovation_280x158.jpg

New business opportunities

Reflect on new status quo in the organization, but also in the industry. Define opportunities and next steps.

Read more
Group_280x158.jpg

Evaluation and implementation

Ongoing evaluation and measurement of the project according to the target image set.

Contact us to learn more