General Data Protection Regulation

All businesses in the EU and all non-EU businesses that are dealing with data of EU-citizens or direct their business activities to the EU will be affected by the General Data Protection Regulation (GDPR). The Regulation (EU 2016/679) shall apply as from May 25, 2018. It introduces new privacy and data protection requirements. In order to be compliant, businesses may need to implement new controls.

As a security and network company, SpotIT, has established a Data Protection team consisting of legal and IT consultants. By combining these skills SpotIT aims at supporting businesses in all GDPR aspects as a one-stop-shop.

SpotIT GDPR Approach

As for all our services, the SpotIT approach is focused on becoming a trusted advisor for our customers and providing them with innovative security & networking solutions that bring a big strategic advantage and insight. SpotIT wants to start a journey with each customer and build a long-term relationship based on highly specialized knowledge, commitment and trust.

In the light of the SpotIT values, we have developed an approach to help our customers with GDPR compliance. Our Data Protection team is skilled and has the necessary expertise in security and network to support your business in all aspects of the GDPR.

Our compliance program involves the following services:

-      Awareness training for end-users, management and IT

-      Relevancy & Compliance check

-      GDPR-audit (gap analysis)

-      GDPR implementation roadmap (based on gap analysis)

-      Support in GDPR implementation

-      GDPR Monitoring

-      Data Protection Officer as a managed service (infra)

These services are customized to the needs of your business.

Data Protection Officer as a managed service

Your business may have an obligation to assign a Data Protection Officer (DPO). This role can be assigned internally or externally. Even if there is no obligation to assign a DPO, assigning one is recommended for all companies dealing with personal data. Reason why, is that GDPR-requirements are specific and demand multidisciplinary skills which should be combined in one person who has insight in all data processes within a firm.

On top of these skills, GDPR also requires that the DPO operates independently and free of conflicts of interest. As this will be a big challenge for a lot of companies, SpotIT wants to reach out and help customers by offering DPO as a managed service. Our DPO’s will monitor the compliance level of your business and will support your business in all aspects of ensuring the effectiveness of the GDPR requirements.