The General Data Protection Regulation (GDPR) was enacted by the EU Commission to protect the rights and freedoms of EU persons from damages caused by the processing of their data. The GDPR regulates how businesses proactively manage risks when developing a service or process using Privacy by Design concepts, by minimizing personal data collection, securing data and requiring notification of data breaches.
- Applies to all businesses (EU and non-EU) that collect, store, transfer, or process data on EU natural persons.
- Requires informed consent by the data subject for the collection and processing of personal data, as well as the ability of the data subject to have their data corrected, returned to them, and forgotten.
- Failure to comply with the regulation will result in a €20 million fine or 4% of annual global turnover, whichever is greater.
As a global cybersecurity services expert, with knowledge of US, CDN and UK regulations & government directives, Herjavec Group can support the development of your organization’s Privacy Framework, including GDPR readiness, through a range of Advisory Services.
Privacy & Compliance Advisory Services
Privacy Program & GDPR Readiness Assessment
Current-state review of existing data protection governance, practices and controls, referencing local, sectoral and global legislation, with a focus on GDPR compliance.
Data Protection & Privacy Impact Assessment
- GDPR strongly recommends that a DPIA or PIA be carried out for existing business services
- Evaluation of a business service or process that involves collecting, processing, storing or disseminating personal information
Data Identification & Inventory Discover Workshops
- 2-day workshops for delivering a record of processing activities and a data inventory snapshot required for GDPR compliance
- Involves Business Process Scoping and Technical Validation/Systems Testing
Accelerate Your GDPR Readiness with HG
- We offer a hands-on, flexible approach, tailored to meet your organization’s uniqueness and requirements.
- With comprehensive security expertise in advisory services, identity and incident response, we take a holistic approach to your compliance assessment services.
- We can review your organization’s existing control framework, identifying where you are most vulnerable to cyber threats through penetration tests, social engineering assessments, red teaming operations and more.
- Our cyber experts contribute to the Payment Card Industry Data Security Standards, providing insight on PCI DSS evolutions and revisions. We offer thought leadership through webinars, blogs and at PCI DSS events.
- We have decades of experience in Payment Card Industry (PCI) compliance, risk and security frameworks (ISO, NIST), and expertise in emerging privacy domains like GDPR.
- We’ve been recognized industry-wide as a cybersecurity expert – #1 on Cybersecurity 500, IDC Security Services Leader and Security Company of the Year from Cyber Defense Magazine.