GDPR Case History

SCENARIO: A leading-industry marketing company leverages technology and processes data to provide insights and tools to marketing decision-makers. They offer return on marketing objectives, marketing planning software, ROI tracking software to help clients determine ideal spend level, portfolio allocation, media mix, and creative execution.

As GDPR was fast approaching, the company needed to see if their processes were aligned with regulations. For them to achieve compliance, they needed to conduct a GDPR assessment of its policies, processes, and controls.

WCG's STRATEGY:

Wilson Consulting Group (WCG) was contracted to determine company’s GDPR compliance, conduct a privacy impact assessment, and develop policies aimed at managing the rights of data subjects and the legal basis of all held data.

WCG employed a variety of information gathering and analysis tools and techniques. This was in order to determine the organization’s level of compliance.

WCG provided the following services:

• Reviewed security and privacy controls, processes, policies, and procedures
• Conducted cybersecurity assessments, including vulnerability and penetration tests
• Developed data flow maps to assess privacy risks associated during the process of collecting, processing, storing and transmitting personal data
• Developed a remediation plan
• Executed a Data Protection Impact Assessment (DPIA)

WCG provided specific findings and recommendations to assist the company to achieve GDPR compliance. The implementation of these recommendations improved company’s security and privacy posture.

Get Started Now