nlen

Traxion’s AVG/GDPR Assessment offers you a clear overview of the topics that your organization still has to fine-tune for, under the new legislation. Examples include having insight into the personal data that your organization collects and processes, a procedure for reporting data leaks, appointing a Data Protection Officer (DPO)/Privacy Officer (PO) and creating privacy awareness among management and users.

Our integral GDPR/AVG services are aimed at optimally securing your information and the processing of personal data across the full range of people, processes and technology. Thanks to our many years of experience in the IAM (Identity and Access Management) field, we can easily explain the consequences of the GPDR/AVG. Our experience is that by using our services, control, flexibility and the efficiency of data protection for your organization are increased.

Deliverables

After going through the AVG/GDPR Assessment you will have:

  • an overview of the topics that the GDPR still considers you need to fine-tune.
  • an overview with possible data processing which you can use to set up your processing register
  • concrete recommendations on how the GDPR procedures associated with the various rights that individuals have, such as the right to be forgotten, can be implemented in your organization
  • Of course we do this based on the 10 stepsof the Autoriteit Persoonsgegevens (AP, the Dutch Data Protection Authority) in the Netherlands and the 13 steps of the CBPL (Commissie voor de Bescherming van de Persoonlijke Levenssfeer) in Belgium.

Risks

The Algemene Verordening Gegevensbescherming (AVG), also known as the General Data Protection Regulation (GDPR), was adopted by the EU on May 24, 2016 and will be actively enforced as from May 25, 2018. After that date, all organizations and bodies must meet the obligations of the GDPR. If the obligations described within the GDPR are not complied with, the Dutch Data Protection Authority can impose huge fines of up to €20 million or, in some cases, 4% of the worldwide annual turnover.

Steps in the process

Using the Traxion AVG/GDPR Assessment we go through the following steps:

  1. Identifying stakeholders such as the Data Protection Officer and IT Manager in your organization.
  2. A technical scan of your network to identify possible data collections for the processing register to be set up.
  3. Check with stakeholders whether the overview of the data collections is complete and whether personal data are actually processed in all scanned databases.
  4. Interview with the stakeholders using the Traxion checklist. This is used to check whether the processes, procedures and technology comply with the GDPR’s obligations.

GDPR as a Service (GaaS)
With a subscription to GDPR as a Service, Traxion continuously supports companies in handling personal data securely and their compliance with legislation and regulations. We relieve your organization of the bother by means of, among other things, periodic compliance checks, giving advice on intended changes in employees, processes and technology that affect the processing of personal data, tools that help you in putting together a crisis team and dealing with a data leak, carrying out legal procedures associated with requests from persons registered with you, setting up and maintaining your processing register, appropriate proposals for efficient technological, procedural and human solutions, knowledge about the latest technologies and best practices and periodical updates about the agreed GaaS Service Level performance.

AVG/GDPR Security Advisory Service
Based on the status of AVG/GDPR compliance within your company, we advise you on company-specific follow-up steps needed to become and remain compliant. Among other things, the status is determined based on interviews with stakeholders in your organization and an analysis of recorded security incidents. Based on a cost-benefit analysis, together with you, Traxion adapts the research to your company size. In this way, we can objectively advise you on the most efficient way to implement compliance with the AVG/GDPR.

AVG/GDPR Security Implementation Projects
Traxion can help you with the existing applications/tooling within your company to establish the processing register, procedures and crisis management so that you are and remain compliant with GDPR/AVG legislation. In addition, Traxion is a partner of various software suppliers who supply specific AVG/GDPR tools that we can implement if desired.

Integrated Information Security Management
Traxion can also take care of your compliance with the GDPR/AVG on an on-demand basis. With an on-call subscription you purchase a number of hours of advice and support in an economical way and when it suits you best. With the ‘pay what you use’ contract, you always have insight into how much has already been used and what you can still call upon.