(DPIA) Data Protection Impact Assessment

 

We put IT in Data SecurITy!™

With the new GDPR regulations coming into full swing in May 2018 and carrying fines as high as 4% of Gross Revenue, It has many companies in the US and European Union (EU) asking, “Does GDPR apply to us and what do we need to do?”

The short answer is if you are marketing to EU data subjects or doing business with them: you may need to comply with GDPR. EU data protection law provides data subjects with a wide range of rights that can be enforced against enterprises that process personal data. These rights will limit the ability of enterprises to lawfully process the personal data of data subjects in many of the ways that were regularly employed in the past.  These new rights can significantly impact an enterprise’s business model. The shift to a protection model that is focused on individual privacy represents a major transformation in the requirements for protecting the personal data of individuals throughout Europe. The stakes are high with fines reaching up to as high as 4% of total revenue or 20 Million EUR (whichever is higher).  

Contact TFS to discuss in more detail  

Compliance, Compliance, Compliance! "Accountability and compliance" is one of the core privacy principles of GDPR.  TFS can assist you in documenting your road to compliance with GDPR through the performance of a Data Protection Impact Assessment (DPIA)   

If there is one takeaway from GDPR, it is the importance of documented compliance!  Not only should the compliance be ensured, but it should be easily demonstrated. Data controllers and processors need to not only take responsibility for complying with GDPR, but also be able to easily demonstrate their compliance. Data needs to be protected throughout all the transfer stages. Every stage must be properly recorded and documented.  All data stages must be compliant and properly documented.