Are you ready for the GDPR?
Take the quick test.

The countdown to the GDPR has begun. Where are you already meeting the requirements and where do you still need to push forward the transition? Take a short test to receive valuable information on this matter. It only takes around two minutes to answer a few questions on the various areas, following which you will receive a chart giving you an overview of the areas in which you are currently on the way to GDPR.

What is GDPR?

The GDPR (General Data Protection Regulation) aims to give EU data subjects back the control of their personal data. Most organizations are concerned about the potential significant financial penalties the Regulation can bring. Some forward-thinking companies, however, are also planning how to turn GDPR into an opportunity in 2017.

QUICK TEST GDPR

Result

Would you like to know more about our GDPR readiness assessments? Our experts can tell you more.

Or call us directly on: +31 205145461
and quote this code: Analytics

 
 

Please note: This online assessment serves as an illustration only and cannot replace professional on-site advice. Please pay attention to the notices.

Legal notice: Each customer bears sole responsibility for adhering to the applicable laws and regulations, including the GDPR of the European Union. The customer alone bears responsibility to obtain advice from a competent legal body on the content and interpretation of all relevant laws and provisions that relate to its business activity and to any measures it may introduce to ensure adherence to these laws and provisions. The products, services and other functions described in this document are not suitable for all customer situations and may only be available to a limited extent. IBM provides no legal or tax advice and gives no guarantee with regard to the conformity of IBM products or services with the applicable laws and provisions.

Start your GDPR journey

Only the organizations that deliver true transparency to their customers will build strong trust in the brand. Start the GDPR transition with an emphasis on your customer – to drive process, policy, technology and people decisions.

How can IBM help on your journey to GDPR readiness?

IBM offers comprehensive solutions, services and expertise to help support your journey to GDPR readiness. There are five key areas that need to be addressed.

icon

Governance

Determine how you can translate GDPR into actions, norms and values. Consider what measures need to be taken, are they effective and how can you improve them.

icon

Governance

Determine how you can translate GDPR into actions, norms and values. Consider what measures need to be taken, are they effective and how can you improve them.

icon

People & communication

Train your employees on GDPR requirements. They need to understand the risks and impact of improper data use.

icon

People & communication

Train your employees on GDPR requirements. They need to understand the risks and impact of improper data use.

icon

Processes

Take a look at your processes: how GDPR will influence them, what’s the impact and how you can manage the required changes.

icon

Processes

Take a look at your processes: how GDPR will influence them, what’s the impact and how you can manage the required changes.

icon

Data

Govern and ensure the quality of your data, assess what data you have, what you’re using it for and consider how you can interact with individual customers, clients, or third parties. This is crucial for offering transparency and trust which is demanded from GDPR.

icon

Data

Govern and ensure the quality of your data, assess what data you have, what you’re using it for and consider how you can interact with individual customers, clients, or third parties. This is crucial for offering transparency and trust which is demanded from GDPR.

icon

Security

Protection of the fundamental privacy rights (e.g. protecting the security and confidentiality of Personal Data, but also providing proper use, notice, consent, choice, access, rectification and erasure, just to name a few.

icon

Security

Protection of the fundamental privacy rights (e.g. protecting the security and confidentiality of Personal Data, but also providing proper use, notice, consent, choice, access, rectification and erasure, just to name a few.

Get started with an assessment

Our assessment can help you to decide on the best approach, step by step and in a structured way.

Assessment

Overview

GDPR is more than just information security, data governance or training employees. It is complex and far-reaching legislation, comprising many components that touch organizations in numerous ways and at all levels.

At the same time, GDPR is just the latest in the ever-increasing number of regulations which needs a strong Information Governance program and technical framework to succeed. A comprehensive approach is required, taking all of its aspects into consideration.

The assessment we developed can be a great help with that, whether your company has already begun tackling GDPR or is preparing its first moves. The assessment begins with determining the main GDPR stakeholders in your organization per key area of attention. This is done together with the person responsible for data privacy in your organization (you may even already have a special data privacy officer in place). These stakeholders might be: representatives of the HR department, for communication, training and personnel data; of the marketing department, for protecting your brand and your customer data; and of the IT department, for security issues. Interviews and workshops will be planned with all these people.

There are two versions of the assessment.

The first is ‘speed week’

  • takes just one week
  • for companies which already have a GDPR readiness.

Together we will look at your roadmap to understand how complete it is and how we can help you realize your goals and speed-up the process.

Or do the fuller assessment,

  • takes four to six weeks, depending on the number of stakeholders involved.
  • addresses all five key areas and GDPR requirements.

Both types of assessments will lead to a practical roadmap, in a short period of time, drawn-up in close co-operation with your internal stakeholders and owned by your data privacy officer or designated individual.

The Goal

The main goal of the IBM assessment is to create a road map to help prepare your organization for GDPR, looking at the five main areas of attention to determine what needs to be done:

  • governance
  • people and communication
  • processes
  • data
  • security

The focus should be on where your company´s biggest risks are and to be sure to address these issues first – helping you to become ready for the respective GDPR requirements by May 2018.

Checklists and accelerators

Checklists and accelerators help ensure the effectiveness of the sessions. We developed GDPR outcome-based materials like:

  • an overview of all GDPR requirements and measures,
  • a list of all types of personal data
  • ready-to-use agendas to be customized for the different participants in the interviews or workshops

During the workshops the GDPR requirements are weighed against the processes, norms and values of your company in a consistent manner. The gaps and priorities found will lay the foundation for your roadmap.

Meet our GDPR experts

Rob Langhorst

Rob Langhorst

European GDPR offering leader

Bert Vanspauwen

Bert Vanspauwen

Associate Partner - Security Services

Christophe De Melio

Christophe De Melio

Executive Analytics Architect



IBM's commitment to GDPR readiness

IBM is committed to providing our clients and partners with innovative data privacy, security and governance solutions to assist them on their journey to GDPR compliance.

Trust in Data

Data and its protection are becoming increasingly important to individuals and society. Enterprises must earn the public's trust in their ability to steward information. As IBM's long history of security and privacy leadership demonstrates, IBM understands that protecting privacy is essential to gaining trust. IBM was one of the first companies to appoint a Chief Privacy Officer, to develop and publish a genetics privacy policy, to be certified under the APEC Cross Borders Privacy Rules system, and to sign the EU Data Protection Code of Conduct for Cloud Service Providers. Now, IBM is continuing its long-standing leadership in the area of data privacy by responding proactively to the General Data Protection Regulation (GDPR).

IBM Commits to GDPR Readiness

IBM currently complies with privacy laws around the world. IBM is also preparing to comply with the European Union's new General Data Protection Regulation (GDPR) which will go into effect in May 2018. IBM has established a global project to prepare for GDPR, both for our internal processes and for our commercial offerings. IBM recognises that our customers will rely on IBM's offerings and technical assistance to achieve GDPR compliance within their own organizations and IBM is well-positioned to meet this critical need.

As part of its GDPR project, IBM is enhancing its ongoing commitment to privacy by design. IBM is working to embed data protection principles even more deeply into its business processes, with the objective that technical and organizational security measures limit, by default, the amount and use of personal data to what is specifically required. This work will also strengthen controls already in place to limit access to personal data, including with respect to mobile applications that rely on sensible default settings to prevent personal data from being inadvertently shared with others.

Resources

 

The Journey to Value - Creating a sustainable, governed data asset for GDPR and beyond

Learn how IBM is helping clients in getting ready for General Data Protection Regulation (GDPR).

 

Planning for the General Data Protection

Considerations and recommendations to help you prepare for the upcoming GDPR data privacy standards.

 

Prepared for the GDPR? Top 10 Findings From Hurwitz & Associates Survey*

Learn the 10 most interesting findings of a recent survey Hurwitz conducted, with responses from organizations in 11 countries. The majority of companies were in the technology, professional services and financial services industries.

 

GDPR - How it works

This ebook is intended to provide friendly and helpful advice and is not a definitive statement of law.

*This report was developed by Hurwitz & Associates - with IBM assistance and funding. This report may utilize information, including publicly available data, provided by various companies and sources, including IBM. The opinions are those of the report’s author, and do not necessarily represent IBM’s position.

Thank you. An IBM representative will contact you to discuss the options.