The Service

The General Data Protection Regulation (GDPR) is a regulation in EU law covering data protection and privacy for all individual residents of the European Union and the European Economic Area. GDPR has enforced a set of obligations for organisations of all sizes, that store, process or analyse personal data of EU residents, regardless of where they are based.

GDPR gap analysis is an assessment of your organisation’s current level of compliance with the regulation. It helps to identify potential gaps and prioritise key work areas that you must improve on to demonstrate compliance.

This service can be carried out remotely.

The Benefits

  • Gain understanding of where your organisation currently is in relation to GDPR

  • Establish a realistic scope and time frame for the work required

  • Obtain a clear road path to demonstrate alignment with GDPR

  • Reduce overall costs and resources associated with GDPR compliance

  • Avail of subject matter expertise and practical recommendations of our senior consultants

  • Focus on your core business while outsourcing your GDPR requirements

The Challenge

Many organisations do not have the necessary expertise internally or the budget or need to employ full time dedicated data protection personnel, to fulfil their obligations under the GDPR.

Whether you are looking for a more cost-effective solution or the expertise of data protection consultants, our gap analysis can bring clarity on what you need to do to demonstrate compliance with GDPR. Our data protection team have experience of working with large and more complex organisations, public sector bodies and SMEs helping them on their journey to compliance with GDPR. 

Our Process

At BH Consulting, we understand GDPR compliance can seem daunting and complicated for many organisations. Our GDPR gap analysis is an in-depth review of how your business stores, processes or analyses personal data belonging to EU residents. Our team are qualified senior data protection consultants, with extensive data protection and information security project management expertise. They have an in-depth understanding of the GDPR requirements and how they should be met.

We will assess your current position and identify any potential gaps in your current processes and procedures. In addition, we will provide you with practical recommendations on what you need to improve on to comply with GDPR. The following areas will be considered as part of this service:

  • Scope of compliance

  • Data Controller and Data Processor Responsibilities

  • What personal data is held, where is it held and why

  • What categories of personal data are held

  • Consent processes and responsibilities

  • Who has access to the personal data and why

  • Subject access request processes

  • DPO Roles and Responsibilities

  • Data Subject Rights

  • Privacy by Design and by Default

  • Governance and Risk Management

Let’s Talk

Please fill out the below form and we will get back to you as soon as possible