The new privacy regulation GDPR has brought many changes. New information security requirements are being imposed, old requirements are being tightened up, and you have accountability towards both the government and your customers about the use of personal data. With a Compliance Scan from ICT Institute you have an extensive insight into what you already do well and where there are points for improvement, in just two working days.
The Compliance Scan was developed by consultant and Privacy expert Joost Krapels during his master internship at ICT Institute. The scan covers the ten most important GDPR topics, which makes it an excellent indicator of your current privacy stance. During the interview, we will, for example, identify with which parties you exchange personal data and whether your processing agreements are complete. The scan can be done in either English or Dutch.
After acceptance of our proposal, we take the following steps:
- Scheduling the appointment
- Interview / discussions on location about your current privacy situation and any details or risks to cover
- Review for the presence of mandatory documents (register of processing activities, processing agreements, privacy statement)
- Discussion of decisions to take, such as the appointment of a Data Protection Officer and the execution of DPIA’s
- Processing the collected information into a well-organized report
The outcome of this approach is a short report that clearly describes your current GDPR compliance status and the steps to take towards full compliance. The expected lead time is two working days.
Time and costs
Completing the Compliance Scan costs € 800 excluding VAT for a small company. The interview itself takes about three hours. We kindly request medium-sized and large organizations to contact us via the contact form at the bottom of this page for a suitable quotation.
For further questions you can fill in the contact form at the bottom of this page. For a suitable quote you may use the form as well, or contact us directly via info_at_ictinstitute.nl.
Frequently Asked Questions
My organization consists of only three employees, is there any use in doing the scan?
For small businesses it is just as important to have their GDPR compliance in order as it is for large organizations. With all privacy related matters in order, you help your own company, organizations you work with, and of course your customers.
Which of my employees is the most suitable for the interview?
The most suitable person in the organization differs per organization. A board member with some technical knowledge is often the best choice, since they can answer the questions about current processes and policies.
Image credit: @olloweb via Unsplash