GDPR SENSITIVE PACK CONSULTANCY
GDPR SENSITIVE PACK CONSULTANCY
2.000,00 € WITHOUT VAT
Designed for organizations with less than 50 employees, which process sensitive data, do not own an online shop and have up to 10 streams of personal data.
| No. | Activity | Deliverable |
|---|---|---|
| A.1 | Initial awareness training on the need to implement the provisions of GDPR 679/2019 | Initial training 1h Interactive live webinar or at the headquarters of Initinvest Consulting, regarding the need to implement the provisions of GDPR 679/2019 for management and department heads within the Organization (in accordance with art. 39 b, art. 47 n), maximum 5 persons; |
| A.2 | Online awareness training for up to 10 employees who process personal data | Online assessment (1 exam simulation and 1 exam) for users of personal data within the Organization and Nominal Graduation Diplomas, GDPR awareness (in accordance with art. 39 b, art. 47 n);
Online assessment (1 exam simulation and 1 exam) for users of personal data within the Organization and Nominal Graduation Diplomas, GDPR awareness (in accordance with art. 39 b, art. 47 n); |
| A.3 | Making records of processing activities | Elaboration of the Register of Processing Records (in accordance with art. 30); |
| A.4 | Data Protection Impact Assessment (DPIA) | 1 Data Protection Impact Assessment Report |
| A.5 | Analiza a tipurilor de activitati/ procese din cadrul Organizatiei | Audit (analysis) up to 10 personal data flows within the organization |
| A.5.1 | Analysis of the types of activities / processes within the Organization | Existing work processes involving the processing of personal data identified and analyzed in terms of the flow of personal data, based on the organizational chart and procedures provided by the beneficiary (in accordance with art. 30); |
| A.5.2 | Analysis of existing work procedures and identification of processes involving the processing of personal data | Analysis interviews conducted - 6 hours online face to face (Skype / Teams - platform dedicated to Communication activities) / InITinvest Consulting head office (in accordance with art. 30); |
| A.5.3 | Conducting analysis interviews with process managers | Questionnaires Applied process analysis (in accordance with art. 30); |
| A.5.4 | Analysis of personal data flows that are not found in the work procedures and validation of existing ones with the responsible staff | Unprocessed work processes involving the processing of personal data identified and analyzed in terms of the flow of personal data (in accordance with art. 30); |
| A.5.5 | Elaboration of recommendations and conclusions | Action plan; |
| A.5.6 | Data mapping - mapping personal data streams | Data mapping for up to 10 work processes identified within the Organization, which involves the processing of personal data (in accordance with art. 30); |
| A.6 | GDPR compliance documentation package | Privacy policy of personal data (in accordance with art. 5 and 12);
Models of Job descriptions updated with GDPR clauses (in accordance with art. 6, 7, 13-23); The procedure for processing personal data with the authorized persons (in accordance with art. 24, 26, 28); Models of personal data processing agreements elaborated with the empowered persons elaborated (in accordance with art. 24, 26, 28); The 3 Procedures required in case of a breach of personal data security (in accordance with art. 32); 3 Model consent forms (in accordance with art. 6, 7, 8); Application forms for the exercise of the rights of the data subjects (in accordance with art. 12, 15, 16, 17, 18, 19, 20, 21, 22);); Information security recommendations (in accordance with art. 32); |
| A.7 | 1 h Dedicated assistance in implementing GDPR telephone compliance / Initinvest Consulting head office | 1 h dedicated assistance in implementing GDPR compliance such as: clarification of various GDPR thematic topics, validation of documentation, discussion of problems encountered. |
Reviews
There are no reviews yet.