News/Events/GDPR Services

GDPR Services

15/01/2018

 

Are you ready for 25 May?

 

GDPR is a huge project that is impacting all of our lives right now, with its implementation deadline looming ominously over the horizon.

 

This is the biggest overhaul of Data Protection regulation in over 20 years. It will impact any company wishing to control or process data on European Union (“EU”), and Channel Islands citizens, in the context of selling goods or services. It comes from the desire of EU citizens to ensure they secure fair rights to the treatment of their data wherever they are, and the European Commission’s aim to create a level playing field.

 

Not only will the changes impact those who process data on EU citizens, but processors of data on citizens of the Channel Islands will also be required to comply.

 

The regulation brings in new requirements to protect data subjects, as well as to reaffirm current requirements. Essentially, whilst there are some changes to be aware of, there will be higher penalties for non-compliance of the current requirements.

 

Here are some of the key changes that GDPR is bringing:

 

  1. A broader definition of Personal Data;
  2. A broader definition of Special Categories of Data;
  3. Penalties of up to €20 million or 4% of annual global turnover, whichever is greater;
  4. Much tighter rules on consent;
  5. Greater rights for data subjects;
  6. Privacy by Design;
  7. More rules for Data Protection Officers (“DPOs”).

 

So, how ready are you for 25 May? Have you started your implementation of the changes required to be GDPR compliant?  Have you considered and rewritten your policies and procedures?  If not, maybe now is the time to call in Active Group to help.  The changes to the GDPR encompass a wide range of disciplines; usually more than one person can cover.   Active’s team based approach provides this wide range of disciplines which enable us to provide you with the service you need.

 

Just look at how we can help:

 

  • Assist with the creation of your GDPR project plan;
  • Set the parameters for and review your initial data screening;
  • Review and revise your data destruction policy;
  • Perform a Data Protection Impact Assessment;
  • Perform a Data Audit;
  • Assist your IT service team with tidying up your data;
  • Review and advise on your corporate governance framework;
  • Assist with the review and rewriting of your data protection policy;
  • Assist with the review and rewrite of your Cyber Security policy;
  • Consider and advise on changes required to client contracts;
  • Help to review and advise on your policies and procedures concerning your staff records;
  • Provide GDPR training to your staff;
  • Review and rewrite process and procedures policies;
  • Advise on the Appointment of a Data Protection Officer;
  • Act as your Data Protection Officer if required;
  • Advise on or write data Subject Access Request (“SAR”) procedures;
  • Advise on or write breach reporting processes and procedures;
  • Advise on ongoing control and maintenance of all of GDPR processes.

 

So although GDPR may be looming over the horizon, Active Group can give you the comfort you need to make 25 May a happy day, not a terrifying one.

 

For more information please contact Richard Bray by email on Richard.bray@activeoffshore.com or call on + 44 (0) 1481 706795.

 

back

HAVE MERGED FROM JULY 2018

Active Group and Optimus Group, two leading corporate governance and regulatory compliance service providers have merged to provide an enhanced and more extensive service to clients. This brings together the two most experienced corporate governance, risk management and compliance service companies in Guernsey.

Details of the new name and web site will follow but in the meantime please access either website for information.