From 25th May 2018, all organizations that handle the data of EU citizens will be required to comply with a single set of rules about data governance, regardless of where the organization is located. The introduction of the General Data Protection Regulation (GDPR) will dramatically change the way in which data is stored, shared and moved. The legislation will give individuals greater rights and control over their data by way of consent as well as the power to access, rectify or erase information held and the right to be informed.

With severe non-compliance penalties of up to the greater of EUR20 million or 4% of worldwide turnover, the GDPR will make organizations more accountable for their approach to data, and the changes must be given appropriate consideration.

Businesses have two years to make sure they are technically and organizationally ready for the legislation coming into force. That might sound like more than enough time to prepare, but getting your house in order is not an overnight task. The far-reaching nature of the GDPR means every aspect of business will feel its impact and, in places, entire processes will need to be replaced or set up from scratch.



BG/PICA data protection consultancy can help you meet the requirements of EU General Data Protection Regulation (GDPR).
Our specialist data privacy consultancy team can provide you with the necessary expertise to implement a total privacy program that meets your compliance requirements. We can also undertake an initial gap analysis of your current compliance regime if you are just getting started with a data protection program.



Help You Understand how GDPR affects you:
Businesses are going to be impacted by GDPR in different ways so we can help you carry out a full assessment of which changes apply to you and the areas which present the greatest risk.

Review of Existing Systems/Processes:
The law will hold organizations fully responsible for meeting the new data requirements, so we can help you review existing systems, practices and procedures (including 3rd party arrangements) to ascertain gaps and help you rectify shortcomings in the handling of Personally Identifiable Information to avoid hefty fines.

Data Mapping.
Data mapping involves plotting out all of the organizations’ data flows, which involves drawing up an extensive inventory of the data to understand where the data flows from, within and to. Data Mapping is an essential step to prepare for compliance with the EU General Data Protection Regulation (GDPR). We undertake an audit of the personally identifiable information (PII) in your organization and prepare a data flow map that will help you to identify where your data resides. The audit will enable you to understand your risk landscape and where controls need to be implemented.

Compliance Management:
Depending on the level of change required in your business, we help to put in place GDPR Compliance Measures which include raising organizational awareness, developing a compliance framework and compliance timelines, undertaking Data Protection Impact Assessments, training of essential privacy management staff, putting in place technical controls to avoid data breaches and developing data breach incident response mechanisms/procedures.

We can help your organization achieve its privacy goals and compliance obligations in time for the implementation of GDPR through cost-effective advice and support.


Since 1982

22 Offices Worldwide

Cost Effective Solutions

Proven Return on Investment

•  Atlanta  •  Bogota •  Buenos Aires  •  Chicago  •  Cincinnati  •  Columbus  •  Dallas  •  Lima  •  London  •

•  Los Angeles  •  Mexico City  •  Miami  •  New York  •  Panama  •  Tampa  • 

© 2020 PICA Corporation.