The client
A UK based property Group that operates a number of recognised high street estate agency brands covering residential sales, purchases and lettings, with supporting services for Surveying, Mortgages, Legal Services and Repossessions.
The work
With compliance against the EU General Data Protection Regulation (GDPR) becoming mandatory from 25th May 2018, the Executive management of the Group wanted to assess the readiness of each company to comply with GDPR, determine gaps and define a remediation plan to address any issues.
How we helped
We provided experienced Data Protection practitioners to assess each company against the 94 articles defined within the Regulation and established their compliance status against each requirement (using a RAG traffic lighting system), determined the gaps, and defined deliverables to address identified weaknesses. An overall “Readiness Assessment” report was prepared and presented to Executive Management outlining the RAG status for each company, and the Group overall, against 14 Domain areas
Value added
In addition to providing the gap analysis, we also provided Executive Management with a consolidated remediation plan and priority of actions to undertake to focus on risk reduction and create a defensible position.