Initial Data Protection Analysis
Analyze, design & optimize.
You have to meet defined data protection requirements and need a determination of the current status? An initial data protection analysis provides clarity and forms the basis for more detailed reviews and in-depth audits prior to certification procedures. By knowing your organization’s data protection situation, you benefit in several ways and make targeted use of optimization potential. An initial data protection analysis is particularly recommended against the background of the entry into force of the new EU General Data Protection Regulation (EU GDPR).
Data Protection - A Management Task
Legislation requires professional privacy practices, especially in view of the changes introduced by the new EU General Data Protection Regulation. But which measures are organizationally feasible and financially meaningful? Talk to us and then make your decision. We will inform you free of charge and without obligation based on your specific operational requirements.
We can do a lot for you
Together with you we will assess the data protection situation in your organization or company. Data protection and IT security go hand in hand. Therefore, we attach particular importance to the holistic consideration of IT security aspects and implemented technical and organizational measures. Our analysis is individually tailored to your business and your organization.
This is what the expert says
Your questions - our services
Do you process personal data in your organization or do you have them processed by service providers on behalf of your organization? Then you should get an overview of which legal requirements you have to fulfill.
Compliance with valid data protection laws is our essential criterion in the context of an initial data protection analysis. We always work from the perspective of the special data protection risks that may exist for you.
The EU’s new General Data Protection Regulation sanctions breaches of data protection more severely. Fines of up to 20 million euros may be imposed. This is compounded by the damage to the corporate image, which is often more severe. By the way: In the case of organizational deficiencies, the management level is also personally liable.
Our recommendations are based on practical feasibility, not only on abstract legal texts. We therefore check with you whether your data protection management actually fits your needs.
Even if you outsource the data processing, you are still responsible under data protection law. We therefore include data processing by service providers in the analysis and, if necessary, explain the data protection requirements in the event of subcontracting (outsourcing).
We randomly analyze the technical and organizational measures you have taken to protect the data. You will receive well-founded feedback on possible weak points.
You will receive a written report from us with concrete recommendations for action and suggestions for your next steps.
Upon request, we will present the results in a workshop on your premises (for example in the presence of the management level).
Your contact person
Short Vita Roman Maczkowsky
Roman Maczkowsky is a certified team leader for audits according to ISO 27001 natively as well as on the basis of IT-Grundschutz, also according to the Energy Industry Act (EnWG) for energy providers and operators of critical infrastructures. He is a proven specialist in corporate data protection and worked, among other places, at the Schleswig-Holstein Independent Center for Privacy Protection (ULD) and for the Berlin Commissioner for Data Protection and Freedom of Information. Roman Maczkowsky is a BSI-licensed IS auditor and IS consultant and works as an instructor in the training of data protection and IT security officers.