What is GDPR?

The General Data Protection Regulation (GDPR) strengthens and unifies data protection in the EU. Compliance is now a must for all businesses. How does it affect me? If you do any business that involves personal data belonging to EU residents then you need be compliant by the 25 May 2018 deadline. Failure to comply can result in significant finesof up to €20 million or 4% of global turnover.

What kind of data does it relate to?

It can include employees’ and customers’ personal data along with potential customers’ personal data. Any data you hold on a living individual is personal data and covered by GDPR. All departments in your organisation will be impacted.

What do I need to do? You need to review your current level of compliance with GDPR principles and put plans and strategies in place to improve any areas where compliance is low. Compliance is also about continuous improvement and accountability so the obligations are ongoing.

Our Legal GDPR Readiness Audit, Technology Audit & Gap Analysis Services Include;   Legal – Compliance Audit & Advisory

1. Desktop & Onsite Audits to include:


  • Preparation & Review of GDPR Policies

2. Implementation Plan to include:


  • Staff Training & Awareness
  • Data Breach Advices & Procedures

3. On Demand Support Services to include:


  • Bespoke Subject Access Request Support
  • On Demand Data Protection Advices

Technology –  Audit, Policy Review & Advisory Audit


  • Data Audit – Hard & Soft Copy Data Review
  • Software Review Cloud and On Premises Software Review including CRM, ERP & marketing platforms.

4. Policy & Protocol Review to include:


  • Security
  • Backups and RetentionEncryption
  • Third Party Access
  • Remote Access and BYOD
  • User Accounts and Passwords

5. Corrective Advices to include:


  • Compliance Managed Services
  • Project Managed Implementation Plan

Our Data Protection Team & Experience:


Our team is led by Linda Hynes and Dominic Conlon. Linda is a Certified Data Protection Practitioner with PDP and a member of the Association of Data Protection Officers in Ireland. Dominic heads up the Technology Team in Leman. They each have years of experience in; • Advising a variety of organisations from sports bodies to commercial enterprises on their data protection obligations. • Advising large multinationals in respect of the management and transfer of sensitive personal and employee data. • Auditing clients on their readiness for GDPR and assisting with implementation of compliant policies. Fee quotes will depend on size and complexity of organisation as well as scope of services required.

For more information on GDPR, Leman Consulting, please contact Linda Hynes, Larry Fenelon or Karl Manweiler on 01 639 3000