Applying new EU data protection (GDPR) legislation, analysis and action plan


Applying new EU data protection (GDPR) legislation, analysis and action plan

Customer provides innovative, easy and flexible facilities for everyday banking, insurance and the management of personal finances. The company has an annual multi-Billion turnover.

Project targets

New EU General Data Protection Regulation (”GDPR”) entered into force in the spring 2016. GDPR becomes applicable after a two year transition period. During the transition period the data controllers must adopt the new data processing rules and practices. The target of the project was to analyze the maturity of the data protection management in a customer organization and to provide an action plan to implement the needed measures for improving the data protection capability to meet the GDPR requirements.

Our responsibilities

  • Analyzing the current state of the customer data protection capabilities (organizational, process, data and technology) in the customer organization
  • Visualizing the key findings into well understandable format
  • Identifying and documenting the critical areas of development
  • Provisioning of a master plan for the needed key development areas
  • Preparation of a project description for each key development area
  • Communication findings to customer’s executive board

Customer value

  • Customer received a full visibility on their maturity to apply for GDPR legislation
  • Customer management team received a structured view to current state on applying with GDPR legislation
  • Customer management team received a structured 36-month development roadmap with related investment plans