GDPR Privacy Impact and Risk Assessments
InnoSec is the winner of the EU commission Horizon 2020 grant based on its innovation in GDPR and cyber risk – GDPR is an urgent issue that has companies scrambling to be compliant by May of 2018. Any organization that processes EU citizen data is in scope and the penalties are severe.
Alignment with the requirements can reduce the chances of triggering a Data Protection Authority (DPA) to investigate a company’s privacy practices after the GDPR takes effect in May 2018. DPAs can impose a fine on companies of up to 4% of annual global revenues for egregious violations of the GDPR. Member states can also add to these fines. The Netherlands, for instance, has more than doubled its own fining capacity to 10% of annual revenues. European privacy advocates are pressuring DPAs to fully exercise these new powers after May 2018.To manage this risk, multinationals should have a means to demonstrate alignment with the GDPR requirements and communication of this program with DPAs that have jurisdiction over their major European operations.
InnoSec’s GDPR solution provides privacy impact and risk assessments which measure the confidentiality and integrity of the system and the risk associated to it meeting articles 1,2, 5, 32, 35 and 36. Additionally, we provide a readiness gap analysis for managing, planning and budgeting for GDPR.
Most e-commerce, educational and multi-national organizations process EU citizen data and are in scope for GDPR. Moreover, most organizations are not ready according to Gartner and his means the race to the finish line requires as much automation as you can afford. InnoSec provides a means for companies to save money and time with their GDPR assessment and gap analysis offering.. Our GDPR offering automates the assessment process and provides a gap analysis readiness feature, that also ensures that organizations can plan, budget and manage their GDPR program.