The Challenge – The client has embarked on a GDPR review process and realised that the project was failing to fully understand where the GDPR at risk data was.
As a government agency organisation that has multiple layers and teams across different functions the major challenge was communication and a framework to ensure all GDPR related areas were explored and any perceived risks identified, mitigated and documented. The budget was already defined so ONQU work on a fixed price Statement of Work (SOW) delivery framework.
Working with the Program Delivery teams ONQU designed and ran a series of GDPR workshops for both education and identification of the GDPR work streams.
The 18 work shops and work streams have included HR, Customer Services and Legal to document the internal processes and then identify the data touch points that may be referenced by the GDPR regulations.
Once the review and workshop exercise was complete and program of work will be required to oversee the changes and ensure that compliance was achieved.
ONQU will be recommending a Data Protection Officer service with a GDPR software solution to help manage the ongoing regime to ensure the client maintains the GDPR compliance.