General Data Protection Regulation
The General Data Protection Regulation, which has been in force since 25 May 2018, aims to create a homogenous framework for all personal data processing taking place in the European Union.The main objective of this regulation is to ensure that personal data benefits from a high standard of protection everywhere in the EU, increasing legal certainty for individuals and organizations processing data and offering a higher degree of protection for individuals.This regulation, although in direct line and in the philosophy of the previous laws on data protection, also introduces significant changes and obligations for the data controllers and processors.Incorporating these elements in business-as-usual activities often requires an expertise in data protection matters coupled with a good understanding of the business, a double expertise that is not easily to come by within most organizations.Deloitte Luxembourg can support your company in achieving its compliance milestones in a pragmatic and timely manner with our catalogue of industry & sector-tailored offerings:
- Gap Analysis
- Health Check
- Control Framework
- DPO as a service
Our team of experts will support you in obtaining a clear understanding of all the personal data processing taking place in your organization, identify any gaps with the regulation and establish a strategic plan to put your company on the right path to becoming compliant.
Our team of experts will support you in establishing a view of your compliance status with the regulation on 3 main axes (record of processing activities, compliance project plan and target operation model) and provide you with the necessary elements to close the gaps and achieve compliance.
Our team of experts will help you set up the appropriate data protection controls within your organization and define the adequate governance to monitor compliance with the regulation.
Deloitte will undertake the external DPO-function and actively support your organization by monitoring the compliance, informing and advising on the latest takeaways and guidelines of the legislation, as well as accompanying your internal governance in the review of data protection-related documentation.