GDPR Roadmap +Implementation Program

We train a working group (privacy team) within the company and support the process of GDPR implementation. You can lay ISO27701 or Nymity Privacy Accountability Framework on the basis of the GDPR Roadmap.

Why is Roadmap+ Implementation program both comprehensive and convenient?

Problem
Solution
Sustainability – an internal privacy team supports the system when the implementation is over.
If the GDPR implementation process is done exclusively by other consultants, there is risk that after the project is completed, the system will fall into neglect, as internal specialists lack both expertise and motivation to take care of the company’s processing activities. We start with creating a privacy team comprising HRs, developers, project managers, SMM specialists, support team members, etc. By doing so we make sure that your company can deal with most GDPR-related issues independently after the project is finished.
Motivation – companies having an internal privacy team show more efficiency in GDPR implementation.
When all GDPR-related tasks are set by other consultants, employees are often reluctant to take these tasks and handle them with diligence. On the contrary, tasks that grow naturally from the company’s intention to be compliant with the GDPR are performed with much more enthusiasm and care.
Support – the company is guided through the whole process of GDPR implementation.
Based on ISO27701 and the Nymity Privacy Accountability Framework, the working group, consisting of privacy team and DPO consultants will create a systematic GDPR Roadmap – a step-by-step list of activities. The Roadmap is tailored to the needs of your company and addresses the resources (time, human and financial resources) available to you.
Accuracy – you know what to do, as well as when and how to do it.
Together with the DPO team the company creates an action-plan, in which all tasks are prioritized and time-framed. It is your business and its immediate needs that dictates what measures are to be taken first, taking into consideration the resources you have.

Stages of work

First Phase

GDPR Roadmap Preparation

01. Workgroup formation

Implementation of the program will require the formation of a working group. The project’s success depends on the involvement of the major stakeholders in the customer relationship.

Typically, the group includes representatives from every department or division of the company: legal, compliance, information security, IT infrastructure, HR, audit, risk management, marketing, as well as representatives from the company’s main areas and products. Working groups must include executives who make decisions or have a significant influence on them since some tasks require the assistance of those with power in the company.

02. Education

The working group receives training based on the GDPR Data Privacy Professional course, delivered by a certified professional CIPP/E, CIPM, FIP, MBA – lasting 24 hours (5 days).

Second Phase

Creating the GDPR Roadmap

03

Over four working sessions, identification of projects covered by the GDPR. GDPR-compliant areas, projects, and products must be selected. According to Article 30 of the GDPR, the personal data processing register is filled out.

04

Choosing from 139 activities in the Nymity Privacy Accountability Framework or 150 requirements of ISO 27001 and 27701 that apply to your organization.

05

Assessment of the risks associated with selected activities for the organization and the data subjects, the complexity of their implementation, and their benefits in the current environment.

06

Evaluation of resources required for implementation of GDPR Roadmap (people as well as management support; processes; technologies, and tools).

Third Phase

Privacy Roadmap Implementation

07

By this point, we have successfully implemented the activities planned for the GDPR Roadmap within 4 or 12 working sessions. Firstly, we handle high-risk and high-priority tasks.

By this point, we have successfully implemented the activities planned for the GDPR Roadmap within 4 or 12 working sessions. Firstly, we handle high-risk and high-priority tasks.

Our consultants can handle some work on the basis of prepaid hours (60 or 120 hours, depending on the selected service package). Throughout the entire implementation phase, the working group allocates these hours.

Format of work

Anyone who works with personal data must ensure compliance with data protection laws and international regulations. The course guarantees that candidates are familiar with data protection terminology and privacy concepts and capable of applying them in practice.

Meeting

This section discusses the auxiliary training module, the division of tasks (why and what? who and how?), examples, and templates.

Intersessional work

Members of the working group independently implement the selected activities between sessions.

Assist

Our consultants provide support between working sessions and carrying out the outsourced work.

Who runs the program?

Siarhei Varankevich

CIPP/E, CIPM, CIPT, MBA, FIP

Founder of DPO Europe GmbH. Data Protection Trainer and Principal Consultant.
Siarhei Varankevich FIP is the founder of the international data protection consultancy, Data Privacy Office. He provides consultation on the European GDPR and Emirati PDPL. He is the author and instructor of GDPR DPP, GDPR DPM, and UAE DPO data protection training courses. He is a certified professional (CIPP/E), manager (CIPM), and technologist (CIPT) in information privacy. Siarhei is also the chief editor of GDPR-Text.com, an online guide to the EU General Data Protection Regulation.

Packages of services

BASIC FEATURES

Privacy Roadmap

Training of the working group on the GDPR DPP

4 sessions
GDPR Roadmap creation*

≈ 3 months
Duration

MOST POPULAR

Privacy Roadmap + 50% Compliance

Training of the working group on the GDPR DPP

4 sessions
GDPR Roadmap creation*

4 sessions
GDPR Roadmap implementation

60 hours
Consulting

GDPR Aware up to 200 pers.
Gift 1

≈ 6 months
Duration

ALL YOU MAY NEED

Privacy Roadmap + 80% Compliance

Training of the working group on the GDPR DPP

4 sessions
GDPR Roadmap creation*

12 sessions
GDPR Roadmap implementation

120 hours
Consulting

GDPR Aware up to 200 pers.
Gift 1

GDPR DPT up to 20 pers.
Gift 2

≈ 12 months
Duration

Each package can be customized based on your company’s needs and specifics during a consultation.

01.

*Identifying areas, projects, and products that need to be brought into GDPR-compliance.

02.

Determining which Nymity Privacy Accountability Framework activities are applicable.

03.

Prioritizing selected activities.

04.

Resource assessment for the implementation of the GDPR Roadmap.

We are here for you!

When you complete the form, you will:

Contact Sales

Learn what Data Privacy Office Europe can do for you.

Fill out the form and we will contact you as soon as possible!

Get an offer