Preparing for the GDPR: How can Winterhawk help?

Over the past three weeks, we’ve taken you on a practical journey, describing step-by-step the approaches our clients have taken in preparation for the GDPR.

Step 1) Identify the gaps 

Step 2) Plug the gaps 

Step 3) Moving to Continuous Improvement 

About half of the organisations we’ve been involved with already had a Data Protection Officer (DPO) appointed; of those appointed, half of the DPOs had additional “day job” responsibilities alongside the DPO duties. This is the reality – not all organisations can afford a dedicated DPO.

Over the past month, our articles have highlighted recurring issues and gaps. We regularly see that the challenging areas to address are:

– Educating the workforce, reinforcing a positive, privacy first culture.

– Defining clear roles and responsibilities as well as responses to issues arising from data privacy.

– Effective processes, controls, policies and procedures being reviewed and assessed on a frequent basis.

– Seeking guidance from the DPO with any new system, solution or process that may affect an individual’s data privacy.

Winterhawk has a range of Data Protection and GDPR services and solutions to support any requirement and any length of engagement. These services and solutions include:

1) Data Protection and GDPR Education and Training
Adhoc or formalised, scheduled training for board level, senior management and operations.

2) GDPR Audit Assessment 
2-day onsite workshop to understand current status of compliance, identify gaps and interview departmental stakeholders. Also includes the delivery and presentation of an Executive Management Dashboard Report and detailed Audit Report, highlighting all gaps, and providing recommendations and actions to remediate issues.

3) GDPR Compliance Service
Issues remediated in a compliance project and any recommendations from the audit are implemented.

4) Outsourced / Third party Data Protection Officer
Expert advice provided as and when needed to review current processes, controls, policies and respond to subject access requests.

5) GDPR Synergy Cloud Solution
SaaS based content library and platform supporting the Governance, Risk and Compliance activities needed to demonstrate Data Protection.

About Winterhawk

Winterhawk offers a variety of Data Protection, Privacy and GDPR services. For more information, visit our GDPR Services page or email us at

If you liked this blog and would like to be notified of new articles and updates follow us on LinkedIn or Twitter.