Medical Research & Pharmaceutical Consulting, Information Security and Data Protection (GDPR)

GDPR compliance

As data protection is becoming more and more valuable and constitute a crucial pillar for companies brand and reputation, the need for organizations to protect personal data is also constantly increasing. The initial 'grace period' is definitely over, and Data Protection Authorities have already inflicted the first heavy fines in EU.

Violating the fundamental rights and freedoms of individual, even accidentally, is not a risk companies can ignore or pretend it will never happen: it will. Not complying with the data protection regulations can lead to risky situations that harm an organization’s credibility, reputation, and definitely its financial status.

This is where KAX Consulting can help you decisively. Our message is that GDPR is a real opportunity, and it is not just about data security as usual. Organizations most important goals and obligations are the purpose for personal data collection and obligations during its processing, including but not limited to lawfulness, fairness, transparency, and purpose limitation.

Whether your needs are limited to training and formation, or to the full implementation of a compliance strategy and implementation we can leverage multi-years experience and international accredited certification to address your concerns, support your efforts, and achieve your goals in compliance and data protection.

​

Who can we support?

​

• Managers or teams seeking to prepare and support their organization in planning, implementing, and maintaining a compliance program based on the GDPR

• DPOs and individuals responsible for maintaining conformance with the GDPR requirements

• Members of information security, incident management, and business continuity teams

​

What will you also achieve?

​

• Understand the concepts of the GDPR and interpret its requirements

• Understand the content and the correlation between the General Data Protection Regulation and other regulatory frameworks and applicable standards, e.g., ISO/IEC 27701

• Acquire the competence to perform the role and daily tasks of the Data Protection Officer in your organization

• Develop the ability to inform, advise, and monitor compliance with the GDPR and cooperate with the supervisory authority

​

GDPR Self-Assessment

​

PECB provides a well done online assessment which can help your organization to acknowledge, understand, and improve your organization’s compliance level to GDPR. A set of questions have been developed to discover and identify the strengths and weaknesses of your organization’s compliance to GDPR.

​

The online assessment tool involves a quick review, available at no cost, for the purpose of evaluating your organization’s readiness to GDPR.

The questionnaire consists of 16 comprehensive closed-ended questions. After answering to the questionnaire, a calculated score result will be provided, so you can have an understanding of your organization’s compliance to GDPR.

​

Note: This online review serves only as a guidance based on the responses provided; it doesn’t necessarily imply your full compliance to GDPR. For further information about the PECB GDPR Assessment process and requirements, please contact PECB at ms@pecb.com

​

GDPR Readiness Self-Assessment 

DPO/RPD Service

This service as DPO/RPD is for medium and small companies, professionals, or public administrations which are required to designate a Data Protection Officer / Responsable Protection Données but won't necessarily want to hire a full time position.

​

A common wrong belief is that the legal obligation to appoint a Data Protection Officer is only based on the size of the company. The GDPR, on the contrary, bases the obligation to designate a DPO on the core processing activities which are defined as those essential to achieving the company’s goals. Public bodies on the other hand always have to appoint a DPO, with the exception of courts who are acting in their judicial capacity.

​

Companies can either name an employee as an internal Data Protection Officer, and paying close attention to conflict of interests, or they can appoint an external Data Protection Officer.

​

The service fee depends on three critical factors:

​

1. Number of Data Treatments within your organization (actual or estimated)

2. Criticality of personal data being treated (especially if it involves minors and/or special category of data)

3. Your own organization, size, and structure

​

Contact us to profit from a DPO with multi-years experience on Information Security, Data Privacy, Data Protection, and PECB accredited and certified, too.

Let our expertise meet your needs.

​

We will help you with:

​

1. Establishing Data Privacy and Data Protection at the core of all your business operations

2. Continuously promoting Data Protection awareness, accountability, and compliance within your organization

3. Ensuring the protection of Personal Data in all of your processing, in compliance with applicable laws, regulations and industry codes, your internal policies and procedures, and eventually help you amend them

​

PECB Certified GDPR Trainings

Reinforce your expertise about the General Data Protection Regulation through PECB’s training courses listed. During the trainings you will learn all the necessary tools and methods that will enable you to assist your organization in achieving and maintaining its compliance with GDPR requirements.

​

In the context of PECB trainings, we collaborate with the ACTAGIS Academy for training and courses in Switzerland and Europe.

​

ACTAGIS Academy is the unique qualified & authorized training center delivering the combined knowledge and expertise for Governance, Security, Risk, Quality, and Business Continuity with accredited certifying training courses and exam preparation and very high success rates. Please do contact us for more information about the training sessions.

​

​

GDPR Introduction

GDPR Introduction training course enables you to comprehend the basic concepts and requirements of the General Data Protection Regulation (GDPR). This training will also help you understand the responsibility of data handling, processing and the role of a data controller.

​

Learning objectives: 

• Understand the basic concepts and components of Data Protection

• Understand the data protection principles, challenges, issues and the importance of a data protection officer, controller and processor

• Understand the concepts, approaches, methods and techniques for the effective protection of data

​

GDPR Foundation

Become familiar with the concepts and requirements of General Data Protection Regulation (GDPR). This course will help you learn the basic elements of implementing and managing a compliance framework in terms of protecting personal data.

​

Learning objectives:

• Understand the General Data Protection Regulation requirements and the fundamental principles of privacy

• Understand the obligations, roles and responsibilities of the Data Protection Officer

• Understand the concepts, approaches, methods and techniques to effectively participate in the implementation process of a compliance framework with regard to the protection of personal data

​

Certified Data Protection Officer

Obtain all the competencies and knowledge necessary to lead all the processes for complying with the requirements of the General Data Protection Regulation (GDPR) in an organization. Moreover, this course will also provide you all the operational skills and knowledge necessary to perform the activities that are required to maintain compliance with the General Data Protection Regulation.

​

Learning objectives:

• This training is based on both the Regulation and best practices

• Lecture sessions are illustrated with practical questions and examples

• Practical exercises include examples and real case discussions

• Practice exercises are similar to the Certification Exam