As GDPR is enforced, companies in India are facing heat now. Due to huge movement of PI at any stage of process companies are bound to comply with GDPR to make sure privacy of data subjects are not compromised.
Most important demonstrable evidence will be GDPR Audit as per EU norms and without this compliance cannot be completed
Our GDPR audit program emphasize on 14 privacy management categories and ensures evidences are created at all stages to prove compliance is in place. Primary categories are
- Checks on processing activities and personal data inventory
- Checks on privacy policies and privacy notices
- Embed data privacy into operations
- Checks on training and awareness programs
- Checks on information security risks
- Checks on third party risks
- Checks on DSAR
- Checks on DPIA and LIA
So what will change?
- Your business development approach
- Your client support approach
- Handling of personal information of individuals
- Imposing data minimization on all business activates
- Rights of data subjects and how to handle that from sales/support representative level
- Time till you keep personal information of individuals
- How to handle Employee/contractor information
- How to make sure you produce demonstrable evidences to ensure compliance is in place. Etc.