• Facilitate an internal kick-off and begin to launch an effective response program to the EU GDPR across the organization.
• Examine the challenges posed by the GDPR and the benefits of proactively demonstrating that the organization is compliant with the new requirements.

Anyone who is or will be a member of the GDPR preparation team; Stake holders from key data processing areas (HR, Marketing, Finance, Data Manager, Data Scientists, Data Analysts, Clinical); Supervisors from appropriate user teams.

0,5 day : Unlimited number / 1 day : Unlimited number / 2 days : max 8 people

MyData-TRUST is experienced in risk assessment services which can be performed either with a limited scope specifically towards GDPR compliance or with a broad scope towards enterprise IT security risk.

The Data Protection Gap Analysis (DPGA) is the first step of GDPR implementation. It specifically determines whether regulatory requirements are being met and, if not, what steps should be taken to ensure they are met successfully. The analysis highlights the high risk processing activities and defines the key elements of the data processing activities. It allows to build up the first version of the Data Processing Activities Records.

The gap analysis exercise is carried out on site for 1 day, by 2 DPOs from the Life Science sector. Experts will analyze and evaluate the client’s process data flows and provide professional advice when risks are identified.
Typically, the process starts with a meeting involving experts and key stakeholders of the company to achieve a deep understanding of data flows and risks.

After the initial 1-day evaluation, you will receive a 100-pages professional report detailing our findings and recommendations and include a high-level action plan. After the intervention and the delivery of the report, a debriefing meeting of about 2 hours will be set up to answer to any questions, to summarize the main points of vigilance and to take stock of the actions to do as efficiently and as easily as possible.

Our experts will present their recommendations and will be able to create an action plan prioritizing the order of execution of the tasks in progress.

Data Protection Impact Assessment consists in performing a preventive analysis concerning personal data processing risks to the rights and freedoms of natural persons. This tool is designed to measure the levels of privacy and security provided by the system, and suggest possible improvements.

The Information Security Assessment (ISA) is a measurement of the security posture of a system or organization. The security posture is the way information security is implemented.
Security assessments are risk-based assessments, due to their focus on vulnerabilities and impact. Security assessments rely on three main assessment methods that are inter-related. Combined, the three methods can accurately assess the Technology, People, and Process elements of security.

According to the GDPR, data controllers may only appoint data processors which provide sufficient guarantees to implement appropriate technical and organisational measures to ensure processing meets the requirements of the GDPR. Processors are required to process personal data in accordance with the controller’s instructions. This imposes to data processors an indirect obligation to comply with many of the requirements which apply to controllers, albeit at their instruction.
MyData-TRUST is able to support you with the assessment of your providers in order to ensure GDPR compliancy all along the data flow of your processes; remotly via a survey or on site via an Audit.

By taking time to understand your specific business cases and the issues and challenges you are facing, our Legal Advisory team uses their EU Data Protection knowledge to help you challenge conventions with partners and third parties.
Our Legal Advisory team is working closely with our clients. Together, they can help you to setup Binding Corporate Rules.

Ad-hoc consulting is an easy way to out-contract services for a pre-defined period of time.

If you need Data Protection professionals to assess vendors, to perform a gap analysis, to setup a corrective plan; to implement CAPAs or to organize customized trainings, ad-hoc consulting will give you the flexibility you are looking for.
​
We can also do some risk assessment if needed.

MyData-Trust Data Protection as a Service (DPOaaS) approach enables you to have access to the skilled and certified people where, when and how often you might require.
Choose MyData-Trust DPOaaS and you can benefit from scalable capacity, dedicated staff, the ability to reduce fixed costs and optimize data protection activities.

DPO support – DPO network for clinical studies

The Data Protection Gap Analysis (DPGA) is the first step of GDPR implementation. It specifically determines whether regulatory requirements are being met and, if not, what steps should be taken to ensure they are met successfully. The analysis highlights the high risk processing activities and defines the key elements of the data processing activities. It allows to build up the first version of the Data Processing Activities Records.

Our people are multi-disciplinary (legal, IT, Life Science) and have extensive experience across numerous sectors.

Our people are certified in Data Protection, Project Management and/or ISO standards. They are members of The International Association of Privacy Professionals. They are trained on DP tools and software that allow them to perfectly address GDPR requirements.

Specific team members are dedicated to your organization. Dedicated staff becomes familiar with your products and processes which streamlines how we work together.

Every relationship is designed to meet the customer’s needs and service delivery configurations and options.

The Data Protection Representative is the key contact for authorities. He must have a clear understanding of the data processing activities. He is not legally liable for the Controller but he will have to address questions and comments from authorities in an appropriate manner.

MyData-TRUST provides the DPR service in all the EU and in the UK.