Our consultants in Digital Law can help you with all the legal and practical aspects of GDPR in your operations, from analysis of the current status, to implementation. We work strategically and operatively with matters relating to data protection and privacy, often side by side with colleagues from other parts of Knowit. We tailor a package and put together a team based on your needs.
Current status+ is a tried and tested method for studying the maturity of an organization in relation to GDPR compliance. The result is a mapping of the current status and an action plan to achieve compliance. Current status+ is delivered alongside experts in information security and change management from our other fields of expertise within Knowit.
Records are a cornerstone of compliance. We help you create support for recordkeeping and develop practical routines and processes to maintain records. This is a simple and cost-effective way to show compliance and often a regulatory requirement.
We have long experience of giving education in data protection and GDPR, both to smaller and larger groups. We can tailor educations and workshops to suit the needs of your organization.
In working with GDPR, it is appropriate to deal with the processing that is most important for operations, and most sensitive, first. You cannot do everything at once. Here, we can assist in prioritizing, so that you gradually get the operations compliant, in the most suitable sequence possible. Everything is done from a perspective encompassing both the operations and its risks.
Most companies currently use the services of one or more personal data assistants. Examples of situations where this might be the case are in using cloud services of various kinds or software run on external servers. If you have a personal data assistant, GDPR requires you to have a written and detailed data protection assistant contract. Compared the current legislation, such as the Personal Data Act, the requirements of GDPR are much more detailed. Our competence and experience at Digital Law means that we can help you review your assistant contracts and renegotiate them in a professional way. In this way, you get effective protection against unpleasant surprises.
Under GDPR, companies that process personal data regularly must perform impact assessments regarding the data protection of their processes, a so-called DPIA. The EU states that DPIA must be performed regularly, following each alteration and at least once a year. This applies particularly when the personal data processing entails high risks for privacy. Digital Law assists with everything from method support to performing the acutal DPIA and thus ensuring GDPR compliance.