Our client for this engagement was a market leading brand which prides itself on being at the forefront of digital innovation.
Background
Our client had begun a major transformation across its enterprise, heavily dependent on using data insights (including customer information) and outsourcing services. Our client was also aware of a raft of new laws which would affect it, primarily driven by changes in Europe (General Data Protection Regulation or GDPR) and the introduction of mandatory breach reporting in Australia. Our client was seeking to review and uplift its privacy capability in view of these changes.
Our role
elevenM was asked to undertake a gap analysis of our client’s privacy risk and compliance program. The objective of the review was to understand whether practices, procedures and systems were adequate within the current regulatory framework and to prepare it for the changing laws.
What we did
elevenM developed a program which:
- Identified weaknesses in current practices, procedures and systems
- Highlighted where new laws will introduce additional obligations
- Recommended practices, procedures and systems which enable our client to take a global approach to privacy management