With the legal gap analysis or privacy impact assessment the organization is fully prepared to plan the specific steps that it has to take to bring itself into full compliance. For this purpose, our team assists the organization in coming up with a comprehensive compliance roadmap. As the organization sets up its roadmap, it might observe that some steps will be trivial (like installing a firewall or imposing encryption rules on all electronic data). Others will be more complicated; as in cases where there may be multiple options available that have different cost implications. Other decisions may need a balancing of business considerations and legal risks. For example, online users may choose to leave the organization’s site if a consent form is required. Hence, the legal necessity to secure the consent may need to be examined more closely and weighed against the cost of losing a potential customer and having an impact on the organization’s goals.
Consequently, each organization’s compliance journey will vary depending on the gaps identified, its business objectives and its risk preference. Our team further assists in this process by supplying legal advice and presenting options to allow organizations to allocate risks and fashion an implementation process that strikes a balance between its goals and its legal obligations to data subjects.