Our experienced gdpr compliance consultants are not registered to practice law in foreign jurisdictions and will not provide clients with local jurisdiction legal advice. Instead, we work within your team to assess your organization's GDPR compliance risk and deploy established, recognized, Data Protection "best practices" and compliance tools, in each applicable eu jurisdiction (supplemented by local counsel guidance when necessary to identify jurisdiction-specific gdpr considerations).
In anticipation of the May 2018 deadline for GDPR enforcement, "regulatory" DPO appointments will be available (on a two-year (min.) contract) at a flat rate of $75,000 annually, paid quarterly in advance for each calendar quarter our DPO consultant is officially disclosed to a regulator and/or identified on your website (DPO services in excess of 40 hours per quarter separately billed at $250.00 per hour). Because the termination of a DPO will need to be documented and justified based on the GDPR guidelines, careful consideration of the business experience and privacy expertise of the initial DPO appointee will be very important. GDPR Design Group DPO resources will include with sufficient legal and business experience in technology and marketing to apply prudent business judgment in guiding GDPR compliance programs.
Contact: Roger D. Edwards, Esq., M.B.A, Principal Consultant
Privacy Professional Certifications:
** International Association of Privacy Professionals https://iapp.org/
IAPP "Fellow Of Information Privacy" designation (FIP)
CIPP/US (USA), CIPP/E (EU), CIPM (PRIVACY PROGRAM M ANAGER) & CIPT (PRIVACY TECHNOLOGIST)
** IT Governance UK www.itgovernance.co.uk/
Phone: (mobile) 650.380.9887
LEGAL NOTICE: THE GDPR WILL ON MAY 25, 2018 BECOME LAW IN ALL EU JURISDICTIONS. ALTHOUGH THE IDENTICAL LAW WILL BE EFFECTIVE IN EACH EU JURISDICTION, IT WILL BE ENFORCED BY 28 COMPETENT REGULATORS AND THERE CAN BE NO ASSURANCES THAT A COMPLIANCE PROCEDURE SATISFYING ONE EU REGULATOR WILL SUFFICE WHEN EVALUATED BY A DIFFERENT EU REGULATOR. MANY GDPR OBLIGATIONS WILL BE IDENTICAL TO OBLIGATIONS UNDER THE EU DIRECTIVE AND THERE CAN BE NO ASSURANCE THAT THE EXTENT OF A CLIENT'S PAST NON-COMPLIANCE WITH THE EU DIRECTIVE WILL NOT BE TAKEN INTO ACCOUNT BY AN INDIVIDUAL REGULATOR IN ASSESSING GDPR FINES OR ADMINISTRATIVE ACTIONS. IN ADDITION, THERE IS NO WAY TO PROVIDE ASSURANCES AS TO WHICH SPECIFIC GDPR COMPLIANCE OBLIGATION A PARTICULAR EU REGULATOR MAY CHOOSE TO PRIORITIZE, RANDOMLY QUERY, EXAMINE AND AUDIT OR CHOOSE AS BASIS TO IMPOSE A FINE. FAILURE TO FULLY COMPLY WITH THE GDPR IN ANY RESPECT AS OF MAY 25, 2018, SUBJECTS A PARTY TO IMMEDIATE LIABILITY FOR THE STATED FINES, NOTWITHSTANDING DILIGENT EFFORTS TO ACHIEVE COMPLIANCE. PROGRESS ACHIEVING COMPLIANCE MAY ALSO BE AFFECTED BY THE IMPACT OF A CLIENT'S (I) RESOURCE ALLOCATION DECISIONS, (II) GDPR OBLIGATION PRIORITIZATION DECISIONS, OR (III) UNWARRANTED DELAY IN COMMENCING GDPR COMPLIANCE ACTIVITIES AFTER MAY, 2016. BECAUSE OF THE FOREGOING FACTORS, GDPR DESIGN GROUP AND AFFILIATED CONSULTANTS MAKE NO REPRESENTATIONS AND ACCEPT NO LIABILITY FOR REGULATORY FINES OR CIVIL LIABILITY FOR NON-COMPLIANCE . DPO CONSULTANTS PERFORM STATUTORY OBLIGATIONS AND BY STATUTE ARE NOT PERMITTED TO PERFORM DIRECT IMPLEMENTATION OF PRIVACY COMPLIANCE PROGRAMS.