GDPR Article 30 Mapping

Chaucer / Chaucer Financial Services / Case Studies / GDPR Article 30 Mapping

Our client needed help with:

Understanding the data flow and processing activities of personal identifiable information relating to the incoming GDPR regulation, most notably that pertaining to Article 30

Our approach:

  • We undertook an advisory piece for a Tier 2 commercial bank in line with incoming data protection regulations.
  • Different departments and locations were brought together to map & thoroughly understand each transfer of data, security methods used and current data storage practices.
  • Chaucer Financial Services put together a clear roadmap of actions required to ensure the bank was fully compliant rectifying any potential breach areas.

The results:

300+

Potential GDPR breaches discovered and reported

17

Departments that process data and required review

4

Country locations of the bank to understand

85

Data flow processes recorded

How we delivered these results:

  • Conducted a series of structured meetings with department or system subject matter experts.
  • Detailed and mapped each of the 85 data flow process identifying key cross-border transfers and storage of personal data items.
  • Reviewed against article 30 criteria within the GDPR regulation, uncovering areas that further needed review under different articles.
  • Suggested recommended action path to ensure data flow going forward was fully compliant to the regulation by the time it was committed to UK law.

If you think we can help you to implement your project or programme strategy, please call us on:
+44 (0) 203 141 8400 in UK/Europe, or ​​​+1 713 821 1783 in the USA.

Alternatively, please send us some brief information and we can discuss things in more detail.