Our experienced gdpr compliance consultants are not registered to practice law in foreign jurisdictions and will not provide clients with local jurisdiction legal advice. Instead, we work within your team to assess your organization's GDPR compliance risk and deploy established, recognized, Data Protection "best practices" and compliance tools, in each applicable eu jurisdiction (supplemented by local counsel guidance when necessary to identify jurisdiction-specific gdpr considerations).
In anticipation of the May 2018 deadline for GDPR enforcement, "regulatory" DPO appointments will be available (on a two-year (min.) contract) at a flat rate of $75,000 annually, paid quarterly in advance for each calendar quarter our DPO consultant is officially disclosed to a regulator and/or identified on your website (DPO services in excess of 40 hours per quarter separately billed at $250.00 per hour). Because the termination of a DPO will need to be documented and justified based on the GDPR guidelines, careful consideration of the business experience and privacy expertise of the initial DPO appointee will be very important. GDPR Design Group DPO resources will include with sufficient legal and business experience in technology and marketing to apply prudent business judgment in guiding GDPR compliance programs.
Contact: Roger D. Edwards, Esq., M.B.A, Principal Consultant
Privacy Professional Certifications:
** International Association of Privacy Professionals https://iapp.org/
IAPP "Fellow Of Information Privacy" designation (FIP)
CIPP/US (USA), CIPP/E (EU), CIPM (PRIVACY PROGRAM M ANAGER) & CIPT (PRIVACY TECHNOLOGIST)
** IT Governance UK www.itgovernance.co.uk/
Phone: (mobile) 650.380.9887
LEGAL NOTICE: THE GDPR WILL ON MAY 25, 2018 BE ENFORCED IN ALL EU JURISDICTIONS. THERE CAN BE NO ASSURANCES THAT A COMPLIANCE PROCEDURE SATISFYING ONE EU REGULATOR WILL SUFFICE WHEN EVALUATED BY A DIFFERENT EU REGULATOR. MANY GDPR OBLIGATIONS WILL BE SUBSTANTIALLY IDENTICAL TO OBLIGATIONS UNDER THE EU DIRECTIVE AND THERE CAN BE NO ASSURANCE THAT THE EXTENT OF A CLIENT'S PAST NON-COMPLIANCE WITH THE EU DIRECTIVE WILL NOT BE A FACTOR IN ASSESSING GDPR COMPLIANCE OR ASSESSING FINES. iN RECOMMENDING A COMPLIANCE STRATEGY,THERE IS NO WAY TO PROVIDE ASSURANCES AS TO WHICH SPECIFIC GDPR COMPLIANCE OBLIGATION(S) A PARTICULAR EU REGULATOR MAY CHOOSE TO PRIORITIZE, RANDOMLY QUERY, AUDIT AND/OR CHOOSE AS BASIS TO IMPOSE A FINE. PROGRESS IN ACHIEVING COMPLIANCE MAY ALSO BE AFFECTED BY THE IMPACT OF A CLIENT'S (I) RESOURCE ALLOCATION DECISIONS, (II) GDPR OBLIGATION PRIORITIZATION DECISIONS, OR (III) UNWARRANTED DELAY IN COMMENCING GDPR COMPLIANCE ACTIVITIES DURING THE TWO-YEAR GRACE PERIOD. BECAUSE OF THE FOREGOING FACTORS, GDPR DESIGN GROUP AND AFFILIATED CONSULTANTS MAKE NO REPRESENTATIONS AND ACCEPT NO LIABILITY FOR REGULATORY FINES OR CIVIL LIABILITY FOR A CLIENT'S FAILURE TO ACHIEVE FULL COMPLIANCE AS OF MAY 25, 2018. DPO CONSULTANTS PERFORM STATUTORY OBLIGATIONS AND BY STATUTE ARE NOT PERMITTED TO PERFORM DIRECT IMPLEMENTATION OF PRIVACY COMPLIANCE PROGRAMS AND SHALL NOT BE LIABLE FOR FAILURE OF CLIENT TO TO TIMELY ACHIEVE COMPLIANCE.