An innovative market leader in electrical installation technology came to Eraneos for help after the introduction of GDPR meant that it needed a group-wide initiative to realign IT processes. The project aimed to analyze all technical systems and processes that handle personal data and adapt them to the requirements of the GDPR.
Based on risk analysis, we immediately identified the necessary controls and performed a gap analysis. We then sought to design relevant processes to ensure GDPR-compliant handling of customer data, making sure these were extended by checklists. The design processes included data breach communication, rectification, access, and deletion of personal data, GDPR-compliant customer verification, and data record pseudonymization.
By the end of the project, we had designed processes for GDPR-compliant handling of customer data for the electrical installation technology company throughout the complete information lifecycle. We created checklists for easier process compliance, made templates for official communications, and introduced processes and checklists to all relevant employees.