Implementation and Maintenance

Global Outreach will conduct a thorough analysis of internal controls with respect to GDPR compliance and project gaps for remediation.

Global Outreach will conduct a Privacy Impact Analysis on predetermined basis for your organization.

Phase1:

Establishing Privacy Program Foundation

A. Study Context

  • Updates with respect to GDPR
  • Identify priority areas to focus on
  • Get estimate of management commitment of resources
  • Hold kick off meeting

B. Examine data collection & processing activities

  • Examine the data collection and processing activities
  • Examine the current compliance measures undertaken
  • Determine level of current compliance

C. Perform Gap Analysis

  • Review collected information
  • Perform a compliance gap analysis from GDPR perspective
  • Set the compliance roadmap

Phase2:

Implementation Consultation & Audit

A. Plan & implement

  • Design policies, procedures, processes for compliance
  • Consultation for technical changes if required
  • Recommend privacy team responsibilities
  • Review customer contracts with privacy perspective
  • Arrange training sessions

B. Due Diligence

  • Identify risk methodology to identify risk
  • Study risk assessment techniques employed
  • Suggest remedial measures
  • Plan response procedures for future data processing activities

Phase3:

Ongoing Monitoring and Compliance

A. Monitor & maintain

  • Continually monitoring compliance
  • Audit trails
  • Proactive response procedures
  • Client contract review and consultation for privacy clauses
  • Vendor evaluation
  • Regular management review to be mandated

DPDP – Indian Regulations​

Covers Processing of Digital Personal Data

Recognise rights of individuals to protect their personal data
Process personal data for lawful purposes

Applicability of DPDP Act

Applies to:

1. Processing of personal digital data in India, collected in digital form

2. Processing of personal digital data in India, collected in non digital form but subsequently digitalized.

3. Digital processing of data outside India in connection with offering of goods and services within India to data principles.

Does not apply to:

Personal data processed by an individual for any domestic purpose.

Our Services: Privacy

  • Assessment of Current State
  • Building Data Privacy System within the Organisation
  • Coverage: Governance, Technology, People, Processes
  • Training
  • Identify Application & Data Store that house personal Data
  • Control and compliance of Data Processors
  • Data Breach Notification and Management
  • Audits
  • Reporting