GIMPR - GDPR Methodology
GIMPR - GDPR Implementation Methodology based on PRINCE2(R) Project Management
We prepared our own and unique methodology to implement GDPR compliance fast and in effective way.
The GDPR compliance is a standard ICT project where the subject of matter has to be set by legal dept of the client (based on client's business units requirements and client's legitimate interests) and (1) ICT has to change all ICT information systems to have the full funtionality required by GDPR (the right of Data Subject to be forgotten or others), (2) the governance & compliance dept of the client has to adjust the paper-based processes and (3) there has to be started the continuous process to stay GDPR compliant.
We provide End-to-End services for GDPR compliance, specifically for the clients with complex organisation structure from GDPR view. It can be: (1) client's headquarter (HQ) is located outside the EU (for example in USA), (2) the client has one or more production or business units in one or in several European countries and/or (3) the client is processing of the personal data of Data Subjects (i.e. any identified or identifiable natural person) in the USA or in other non-European Union country.
Such a GDPR compliance project is similar to the SOX (Sarbanes-Oxley Act) or others compliance requirements where legal act is setting the ICT changes.
The GIMPR Methodology is primarily targeted to the top management of the GDPR-liable client. It can accelerate the GDPR project effort by one or more months. The dead-line of GDPR compliance start is May 25th, 2018.
The GIMPR Methodology is sold separately (License Agreement based) or used in GDPR compliance project with our services used (with 50% discount). The license is mandatory for every Controller or the Processor (based on the GDPR terminology and role definitions).