General Data Protection Regulation has changed and is continuing to change the way businesses deal with and use the data of their clients; otherwise known as “data subjects”.

In very simple terms, the GDPR means that organisations will need to take a more proactive approach towards management of personal data.

The GDPR has given the data subject significant decision-making power to decide and determine how they want their data to be used when collected by businesses that they interact with for services.

For businesses in UK and around the world, this is a game changer and an unfamiliar terrain, and many have started to understand how GDPR may affect them and the risk it poses to them which can be from hundreds of thousands to millions of pounds, dollars or Euros in the event of a breach or non-compliance with the law.

Organisations that are forward thinking and understand how being compliant with the GDPR can potentially affect their bottom line positively will simply not treat GDPR as another compliance issue. Instead, they will take a more robust view to managing client personal data and create an overall better experience for their customers and stakeholders.

At MichelleBelle Compliance Solutions, we have been working with businesses around the world to close the gap between where they are now and where their processes need to be for them to be compliant. We do this by undertaking an awareness campaign/training with the relevant stakeholders and staff, conduct Privacy Impact Assessments including Data Flow Mapping, identify risks provide recommendations and create solutions as a remediation plan for identified risks.

Some of our recent work includes:

Compliance Assessment

Helping a UK-based Estate Management Agency to conduct a detailed assessment of their existing data protection capabilities against the UK Data Protection Act and the GDPR and identifying key areas of improvement and remediation.

Full Gap Analysis

Conducting the full gap analysis of processes within a UK-based immigration services company against the GDPR, identifying key areas of improvement and remediation, and project managing the proposed actions to implementation.