Christian Bartmann
Partner Risk Assurance Solutions,
PwC Germany
Tel.: +49 69 9585-2848
Email
At the latest since the General Data Protection Regulation (GDPR) entered into force, data protection compliance has become a management issue. While many companies used to regard laws and regulations regarding digital privacy as a burden and a competitive disadvantage, ensuring an adequate level of data protection is now a prerequisite for cooperation and business relationships. It guarantees the appropriate and contemporary handling of personal data, including the protection and care necessary.
Take advantage of our comprehensive services and let data protection become your instrument for the future. By request, we can carry out status analyses, develop implementation measures and implement them with you in your company in compliance with the GDPR. For the certification of your data protection organization, we work in accordance with international standards and use the most advanced know-how from the areas of information technology, technical management and law. In addition, we can provide you with an external data protection officer (eDPO) as a single point of contact. The external data protection officer informs you and your team about important developments by internal audits and regular activity reports and offers you full transparency about the status of your data protection management.
The GDPR applies to every company and every process in which personal data is processed: No matter whether cookies are used, IP addresses are stored or address data is processed. Due to the high potential penalties, the consequences of a poor implementation or a any mistakes can beserious. The GDPR sets high standards, but keeps the question for implementation largely open. Every company must close this gap on its own. In addition, critical infrastructures as well as interfaces to other legal requirements ensure increasingly complex requirements.
The GDPR sets diverse and complex requirements for companies. All processes in a company in which personal data is processed have to be assessed and must therefore be adapted. Not only the rights of data subjects, but also documentation requirements, data security, employee data protection and other aspects must be taken into account. For this purpose, every data controller requires a data protection concept that meets the requirements of the GDPR. Consequently, companies must revise their existing concept or create a new program. However, they are often faced with the question of whether the new concept really meets all the requirements of the GDPR. As part of our readiness assessment, we check your data protection organization and its conception for compliance with the GDPR.
Project phases
Our data protection experts are able to support you during the next steps of the implementation phase. We support you in developing the data protection concept, in planning the implementation steps, the controlling or supporting you in the implementation itself. We also provide expert advice on particular issues such as video surveillance, notification obligation within 72 hours or the preparation of deletion concepts (in accordance with DIN 66398 and the principle of data minimization in Art. 5 (1) lit. b GDPR).
„The GDPR will ensure a more conscious handling of data and a stronger enforcement of data protection law.“
From status analyses via individual consultations - e.g. in the form of training, coaching or workshops - to the development of deletion concepts or complete project support: We develop individual and demand-oriented solutions for your company. Take advantage of our short online test and get a rough overview of your concrete data protection needs.
Christian Bartmann
Partner Risk Assurance Solutions und Co-Lead Kompetenz-Center Process Mining, PwC Germany
Tel: +49 69 9585-2848
Daniela Geretshuber
Member of the Board and People and Corporate Sustainability Leader, PwC Germany
