Project Description

The Compliance Challenge

One of the first questions customers ask xWave is about how it protects personal data, so the company wanted to show that its product is world class and that there are no gaps in its GDPR compliance. In many cases, a new customer may need to do a data protection impact assessment (DPIA) before it can work with a new vendor. Given the sensitive nature of personal health information, xWave Technologies sees GDPR compliance as an essential part of its business strategy and as a way of generating trust with customers and investors. Yet many start-ups fear the GDPR compliance process, thinking it will divert management attention from competing priorities such as financing, test customers, and enhancing the product or service. Unfortunately, GDPR can be more of a hindrance than a help for start-ups because it doesn’t provide a framework specifically aimed at early-stage companies that want to be compliant and scale quickly. The regulation in its entirety is daunting and can feel too complex for a small company that needs to be flexible as it grows. This is why we created our GDPR Starter Kit.

Download this Case Study

Download PDF

Why Choose BH Consulting?

xWave Technologies had already been working with BH Consulting on its ISO 27001 certification project when it decided to undergo a GDPR compliance project. This project started small, but the requirements grew as the project progressed. BH Consulting helped xWave Technologies to set up proper GDPR compliant processes that can evolve and grow as the business does.

BH Consulting completed the project efficiently, cost-effectively, and alleviated xWave’s worries about the GDPR compliance process.

As part of the engagement with xWave, BH Consulting delivered:

  • An assessment of the xRefer platform against GDPR principles of privacy by design and by default

  • Guidance and creation of a set of scalable data protection policy and procedures

  • A review of xWave’s data privacy notice to ensure compliance

  • Recommendations on data protection agreements with customer/vendors

  • Flexible templates that can be adjusted quickly to fit the fast-changing needs of a start-up

Outcome

Trust is the number one currency for a start-up; that it can deliver its promise and that it can be a credible partner to its customers. Being able to demonstrate that it considered data protection from the very start helps to build a better reputation and gives start-ups a competitive advantage.

Having proactively taken steps to ensure compliance, xWave Technologies gained more confidence when talking to prospects and customers. With readily available answers to any data privacy concerns, customers in turn have more confidence in xWave.

I found working with BH Consulting on our GDPR compliance project a great experience from start to finish.

It was very collaborative, and I was quickly put at ease and reassured that it was not going to be a daunting process. BH Consulting clearly took us through the steps involved so that I knew from the beginning what the plan was and the steps we needed to take to become fully GDPR compliant. As a start-up company time pressure is huge, so the fact BH Consulting did the majority of the work and so quickly and cost effectively was a massive relief. The expertise BH Consulting provided to ensure we have a robust GDPR compliance framework in place was great. We would have no hesitation recommending BH Consulting to others in a similar position.

Mitchell Gorman, CEO

Let’s Talk

Please leave your contact details and a member of our team will be in touch shortly.

"*" indicates required fields

Name*