Call Us

Americas / EnglishEnglishFrançaisDeutschItalianoEspañol
+44 (0)20 8939 1650

Header Menu

Blog
Careers
Customer Support

ProductsExpand
Ethics & Compliance Platform
The NAVEX One platform is an automated ethics and compliance solution that includes a suite of complementary solutions.

Learn More

Lockpath Integrated Risk Platform
NAVEX Global’s Lockpath is a powerful, flexible, integrated GRC platform that enables integrated risk management and is built to scale.

Learn More

Environmental, Social & Governance Solutions
NAVEX ESG helps organisations remove the complexity and confusion of managing multiple sustainability efforts.

Learn More

Ethics & Compliance Management
+− Submenu
Whistleblower Hotline & Reporting

Incident Management

Policy & Procedure Management

Code of Conduct

Ethics & Compliance Training
+− Submenu
Awareness Solutions

Course Library

Create a Custom Training Plan

Disclosure Management

Analytics & Benchmarking
+− Submenu
Compliance KPI Benchmarking

Dashboard Analytics

Third Party Risk Monitoring & Screening

Integrated Risk Management
+− Submenu
Business Continuity Management

Privacy, Risk & Compliance Management

Third Party Risk Management

Health and Safety Management

IT Risk Management (clone)

IT Risk Management

Operational Risk Management

Environmental, Social and Governance Management
+− Submenu
ESG Framework Management

Environmental Sustainability Management

Responsible Supply Chain Management

Conflict Minerals Management
SolutionsExpand
Download

Download

Download

Download

By Issue
+− Submenu
Workplace Whistleblowing

Bribery & Corruption

Diversity & Inclusion

ESG Compliance

ESG Reporting

Business Continuity

Compliance & Policy

Health and Safety

IT Risk

Operational Risk

GRC Management

Managing Third Parties

Regulatory Compliance

Organisational Culture

Corporate Fraud

Harassment & Discrimination

Conflict of Interest

Cyber Security

Data Privacy

Retaliation

Money Laundering

By Role
+− Submenu
Ethics & Compliance

Legal & Risk

Human Resources

Board of Directors

Quality Control

IT

Procurement & Supply Chain

Audit

By Industry
+− Submenu
Financial Services

Healthcare

Higher Education

Life Sciences

Energy & Utilities

Retail

Transportation & Logistics

Insurance

Technology

Government

Food & Beverage

Manufacturing

By Regulation
+− Submenu
EU Whistleblower Directive

GDPR

UK Bribery Act

FCPA

DOJ Corporate Compliance

ISO 27001

NIST CSF

OSHA

PCI DSS

SMCR

UK Modern Slavery Act

Sapin II

Italy Whistleblower Protection Law

SOX
PricingExpand
ServicesExpand
Professional Services

Customer Success
+− Submenu
Implementation Services

NAVEX Global Community
ResourcesExpand
Benchmarking Reports

Definitive Guides

White Papers

Case Studies

Product Overviews

Webinars

ROI Calculators

Compliance Next

ALL RESOURCES
CompanyExpand
Leadership Team

Partners

In the News

Press Releases

Events

Blog

Working at NAVEX Global

Job Openings
Get In Touch
EMEA + APAC
+44 (0)20 8939 1650

FRANCE
+33 1 73 79 40 20

US + AMERICAS
1-866-297-0224

Locations >

Thank you for your interest in NAVEX Global. We'll be in touch with you shortly. If you have any immediate questions, please give us a call at 1-866-297-0224.

GDPR Compliance

Speak with one of our experts to help you get started

What is GDPR?
What You Need
Steps to Take
Learn More
Resources
Learn More

How Can You Comply With GDPR?

The European Union’s Global Data Protection Regulation (GDPR), enacted in 2018, has effectively replaced the 1995 Data Protection Directive. It includes a number of key changes that address modern data-driven environments. To comply, organisations must develop specific processes governing internal records and data breach notifications; appoint a Data Protection Officer; allow individuals to access and control what personal data is collected and how it is used; and more. Under the new territorial scope of the GDPR regulation, the law applies to many organisations that sell goods or services within the EU, regardless of where their businesses are located.

New GDPR requirements have created major concerns for data privacy professionals and others working with Governance, Risk, and Compliance (GRC). Organisations that fall under GDPR must embed privacy-by-design concepts across the enterprise, including their product lifecycle, vendor management, and human resources. In addition to a number of other requirements under the new GDPR definition, individuals must be notified of personal data breaches within 72 hours. Failure to comply with GDPR requirements can result in fines of up to 4% of an organisation’s global annual revenue, or up to €20 million, whichever is greater.

See how to achieve compliance and protect your data

What You Need

Privacy by Design

Data protection and privacy-by-default concepts must be part of the launch of all data processing technologies and processes.

Policy & Procedure Updates

New GDPR requirements need to be operationalised throughout the organisation with extensive and thorough policy and procedure updates and dissemination.

Timely Breach Notification

Effective and accessible reporting mechanisms should be in place so data breaches, big or small, can be reported and escalated immediately.

GDPR Compliance Training

Employee risks should be identified and training should be assigned to educate at-risk employees on their new responsibilities under the Global Data Protection Regulation.

Steps You Can Take to Avoid GDPR Fines

Step 1

Make sure internal policy and procedure management capabilities allow you to align the entirety of your workplace with the broadened scope of new GDPR requirements.

Step 2

Manage individual requirements, investigative case management, crisis management, regulatory reporting, and other individual requirements proactively.

Step 3

Implement multiple whistleblower incident management reporting methods including a compliance hotline as well as deploy a comprehensive communications effort to inform employees of their role in identifying and reporting data breaches.

Step 4

Create and roll out a multiyear training program that trains each employee group on the GDPR topics applicable to their roles and the data they manage.

Step 5

Extend your privacy-by-design standards through your supply chain, garner attestation to policies and identify reporting channels to all vendors and contractors with effective third-party management and due diligence.

Begin your GDPR compliance journey today

Get Started Now

GDPR Compliance Resources

DatasheetGDPR Compliance
Full Length CourseGlobal Data Privacy: GDPR

Explore Other Regulations

FCPA Compliance

Read more about FCPA Compliance

SOX Compliance

Read more about SOX Compliance

LinkedIn Twitter Facebook YouTube

+44 (0)20 8939 1650

Thank you for subscribing! Please be sure that @navexglobal.com is on your company's safe sender list to ensure our emails reach your inbox!

Select Language & Region

English
English (EMEA)
Deutsch
Italiano
Français
Español

About NAVEX Global

Our Story
Blog
In the News
Press Releases
Events
Careers
Leadership Team

Terms of Service

Modern Slavery Act Statement
Privacy Statement
Terms of Use
Email Subscriptions
Cookie Preferences
English