General Data Protection Regulation (GDPR)

As organizations harness the power that personal data offers, they also take on huge responsibility. As personal data becomes an ever more valuable commodity, cyber criminals are becoming smarter, and regulations are becoming tighter. GDPR is coming into force, and organizations simply must be ready.

There is no room for error – any mistakes will inevitably lead to financial loss and damaged reputation, or maybe worse. How can organizations ensure they protect personal data, as well as themselves?


How do GDPR requirements affect you?

GDPR is an EU regulation related to the protection of personal data and free movement (portability) of such data. GDPR requires professional management of IT security. It is based on risk analysis and implies the usage of security best practices and security measures. This incudes data protection management, reporting and accountability requirements, including a requirement to notify of data breaches, map data flows and conduct data protection impact assessments.


How does GDPR work?

Approved in April 2016, GDPR goes into force in May 2018.  By that time, many organizations will have a Data Protection Officer (DPO) and a fundamental understanding of the processes and the classification of the relevant data. Violation of the GDPR could lead to fines of 4% of your total worldwide annual turnover or 20 million euro – whichever is higher.


How can you prepare?

We enjoy strong partnerships. Together, we are ready to help you prepare for the GDPR. We have designed a portfolio that fits your needs for the new regulation comes into force, whether you have already taken steps or still have a long way to go. As your digital transformation continues, security should be an enabler of competitiveness and change, not an inhibitor. Together with our alliance partners, we have the capability to ensure this is the case.


Proven methodologies for keeping data secure

Capgemini already provides clients with end-to-end data security capabilities, based on a clear understanding of their business stakes and issues, beginning with strategy and roadmap development. We help clients classify data according to its level of sensitivity, and secure the processing of collected data. In defining policies and governance frameworks for enhanced privacy and controls, we set out the roles and organization, along with corresponding IT requirements, to protect data assets (at rest, in motion, in use). We can assess the GDPR readiness of your IT infrastructure. The results provide the starting point for an improvement plan for the Data Protection Officer (DPO).


Capgemini Step by Step Approach to GDPR

Portfolio for GDPR readiness

We are here to help you get ready for the GDPR. We have designed a portfolio that fits into your needs to prepare for the new regulation, whether you are ready or still have a long way to go. Our portfolio considers the most important topics for executives regarding data protection and security. Our portfolio consist of four categories:

We work with organizations from all industries across the globe and have a deep understanding of the GDPR and associated business issues and technology solutions. Our portfolio for assessment, development of a strategic plan, data protection impact assessment and technology will help you get ready for the GDPR.   Please contact us for more information.



Thought Leadership

The “Right To Be Forgotten” to be realized in the coming GDPR!
Read more
The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer and More Secure
Click here to download Infographic
Consumer Companies are not taking Privacy and Security Seriously Enough
Click here to download Infographic


Associated experts