GDPR Data Impact Assessment

Determine whether the European Union (EU) General Data Protection Regulation (GDPR) applies to your organization and assess your readiness.

GDPR is here. CLA (CliftonLarsonAllen) can evaluate your controls around your ability to process, store, and protect personal information to help you comply with one of the most significant pieces of data protection legislation in 20 years.

What’s on your mind?

  • Pursuing your due diligence on GDPR
  • Navigating GDPR’s “right to be forgotten” with U.S.-based regulations
  • Worrying about GDPR fines
  • Protecting data, and identifying and resolving gaps
  • Managing digital opt ins/opt outs and informed consent notices
  • Complying with breach notifications

A unique approach

CLA offers more than 30 years of audit, cybersecurity, and data privacy experience, and has worked extensively with U.S. privacy policy requirements like HIPPA and payment card industry data security standard (PCI-DSS) compliance.

We approach each data impact assessment through the lens of your industry and how you work within it. That insight will guide the roadmap we build for you, so you can reach the necessary compliance from your current position. You will walk away with a clear action plan that supports GDPR compliance, processes, technical controls, and organizational structure.

GDPR impact, readiness, and compliance assessment services

Our general controls review considers more than 200 factors. We offer:

  • Readiness assessment (data mapping and data flow)
  • Controls assessment and testing
  • Gap evaluation
  • Remediation (privacy notices and policy and procedure review)

Supporting activities for an overall GDPR compliance program

Effective date for GDPR and the entities it impacts

Effective on May 25, 2018, GDPR not only applies to organizations located within the EU but it also applies to certain organizations located outside the EU. Consult with experienced data security attorneys to determine its applicability to you and your appropriate compliance requirements.