Home — Services — Risk, Compliance & Privacy — Privacy / Data Protection & Data Management
- Risk, Compliance & Privacy
Privacy / Data Protection & Data Management
The changes in data protection due to the total revision of the Data Protection Act and the EU GDPR pose major challenges for companies. Data protection offers itself as an “enabler” for a better understanding of the company (e.g. regarding data flow, data deletion and data volume). With the implementation of a Data Protection Management System (DPMS), the maturity of this area can be significantly increased.
Customers’ rights are becoming more significant in scope when it comes to the modification, deletion and surrender of their data. In addition, requirements in the area of “Privacy by Design” or “Privacy by Default” as well as numerous new information obligations need to be implemented. What all these projects and plans have in common is that a multitude of systems, processes, data budgets and company divisions must be taken into account and involved. This in turn increases the demands on the maturity of project management. We have experience from numerous implementation projects in the area of data protection and can support you individually, holistically and pragmatically in the identification and evaluation, planning, coordination and risk-based implementation of these requirements.
We know the solutions of leading providers and can therefore optimise existing installations or assist in the evaluation and establishment of new privacy solutions.
SELECTED REFERENCES
Success Stories
GDPR/DSG implementation Swiss Insurance
Definition and establishing of the GDPR/DSG programme and its governance.
- Establishing the baseline for the relevant legal and regulatory requirements
- Creation of an overall concept (building blocks/clusters, system/system boundaries, scope) and assessment of risks (heat map)
- Elaboration of a roadmap taking into account risks, costs and urgency
- Implementation along the defined roadmap
GDPR/DSG implementation Swiss Insurance
Definition and establishing of the GDPR/DSG programme and its governance.
- Development of risk-based decision-making principles for the attention of the management (incl. business case and implementation planning)
- Determination of governance / TOM across the individual areas
- Development and implementation of the data protection roadmap
- Development and implementation of deletion concepts incl. evaluation and implementation of a third party solution for the orchestration of the deletion & retention solution (involvement of > 350 applications with personal data)
- Establish and lead a ‘Data Protection’ programme organisation for the implementation of client data protection
- Introduction of a global Data Leak Age Prevention (DLP) and Digital Rights Management (DRM) solution, evaluation of a solution for the automated data classification for structured and unstructured data