The GDPR, General Data Protection Regulation, is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union.
Briefing our board and staff so they are aware of the risks to the business and what needs to happen over the next 6 months to get GDPR effective.
Appointed a Board sponsor who supports and oversees all internal GDPR work programs.
Appointed a working group responsible for GDPR who meet weekly to discuss progress on agreed actions.
Translated the GDPR into deliverables & functionalities so that Westcoast can align their compliance objectives, and mark progress against tasks as they are completed.
PERSONAL DATA DISCOVERY:
Conducting a Personally Identifiable Information (PII) location / format / security assessment across all data using departmental representatives.
Assessment of exposure & potential mitigations (Risk Based Approach).
POLICY GAP ANALYSIS:
Review and update of existing data protection policies, training, privacy notices etc.
TECHNICAL GAP ANALYSIS:
Where IT solutions can accelerate GDPR “effectiveness” acquiring & installing these IT solutions and services.
SECURITY CERTIFICATIONS & IMPROVEMENTS:
Continued commitment to security, tools and data protection across the business (we already have ISO:27001 and CyberEssentials PLUS certifications which emphasise our existing data security controls).
Aligning to our commitments as a Data Processor and adhering to all mandatory requirements set out under the GDPR.
Corporate Social Responsibility
Our involvement with local and in-house initiatives are testament to our commitment to supporting our communities and nurturing young talent.Learn More