What is the GDPR?

The General Data Protection Regulation is a pan-European law that came into force on the 25th May 2018. The GDPR has been developed by the European Union Commission and supersedes other (national) laws and the Data Protection Directive.

The GDPR requires all data controllers and data processors that handle the personal information of EU residents to “implement appropriate technical and organisational measures […] to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services”. The Regulation requires organisations to put in place a compliance framework which demonstrates that they are implementing appropriate technical and organisational measures to ensure that processing of personal data is performed in compliance with the GDPR. “Processing” is essentially anything done to the data, including storage.

What is the purpose of a GDPR Compliance Review?

At the present time, there are no formally approved standards that organisations can achieve to demonstrate that they are complying with the GDPR. ACM has therefore developed the GDPR Compliance Review as a service for organisations to enable them to check whether they are complying with the Regulation and to enable them demonstrate that they have been independently reviewed against the requirements of the Regulation.

What does the GDPR Compliance Review involve?

The GDPR Compliance Review involves assessment of an organisation’s compliance with the relevant and applicable sections of the General Data Protection Regulation.

The Compliance Review process involves completion of a number of questionnaires, interviews with relevant staff and on-site inspection of documents and other evidence. Following this, a Compliance Report will be produced and discussed with the client before being finalised.

The Compliance Review will be performed by a qualified GDPR Practitioner.

What are the benefits of having a GDPR Compliance Review?

The GDPR Compliance Review will provide organisations with an independent review of their compliance with the relevant and applicable sections of the Regulation. The Review will identify any areas of non-compliance and will provide recommendations on changes that should be made to ensure compliance with the Regulation.

The GDPR Compliance Review will enable organisations that are subject to the Regulation to demonstrate that they have been independently reviewed against the requirements of the Regulation.

What is the cost of a GDPR Compliance Review?

The cost of the GDPR Compliance Review will depend on the number of departments or business units within an organisation. Please fill in the application form and ACM will then contact you to discuss your organisation, before preparing a bespoke quotation for you.