Let us educate your company on secure data protection
At Sixtus Compliance we can devise and implement a tailored programme, centred around training management and staff to uphold GDPR compliance. While creating a unique programme for each company, we always kick off our collaboration with a workshop.
Here we analyse all your business processes, looking at collection and storage of data, e.g. IT-systems, suppliers and products. We discuss your IT-security needs and map out the steps towards GDPR compliance, also examining whether it is necessary to have a data protection officer (DPO).
As your consultants, we provide recommendations, checklists and the necessary standards, a process which also involves tasks for your employees. In most cases, 3-5 implementation meetings are needed, depending on the extent of the task and the size of your company. We focus on which new tools you will need, and which existing systems can be integrated or reused.
Together we assess the situation and ensure that you
- Develop a GDPR mindset amongst management and staff
- Define procedures in the case of data breaches
- Keep track of the rights of all registered individuals incl. necessary declarations of consent
- Have IT-procedures for security, privacy settings and disaster recovery
- Implement the necessary management tools
- Have support for GDPR auditing
Management and employees
It is important to assign one or more people internally who have oversight over your GDPR processes and who also have the authority to make decisions on any urgent GDPR matters. In the case of small and medium-sized companies, they will typically be the owner/CEO, CFO or CHRO.