Privacy Scan.
If your organisation is processing personal data, it should be compliant with relevant privacy laws, such as the General Data Protection Regulation (GDPR). This requires an ample effort throughout your entire organisation, which can make it challenging to keep the overview.
A Privacy Scan shows you exactly where you stand in terms of your data protection practices, whether you’re a start-up or a bigger company in need of clarity.
- Get started with GDPR
- Mitigate risks
- Achieve compliance
What is the CRANIUM Privacy Scan?
Our Privacy Scan is your roadmap to data protection compliance. The scan starts with a comprehensive gap analysis, where we thoroughly examine your organisation’s current privacy practices. This examination provides you with a clear snapshot of where you stand in relation to privacy laws, including GDPR. We identify issues, and we prioritise them so you know what needs attention most urgently.
Next to this, you also receive a tailored roadmap. This is a guide, designed to improve your compliance systematically and help you start implementing the required data protection measures to comply with GDPR and other relevant regulations.
Why choose the CRANIUM Privacy scan?
Fast & Efficient
In 2-3 weeks, we'll provide a comprehensive review of your privacy practices. You'll learn where you excel and where improvements can be made, demonstrating accountability.
Start your Journey
This is the essential first step in your privacy maturity program. Our experienced consultants are ready to help you implement the recommended privacy measures.
Trustworthy Expertise
Your scan will be conducted by an experienced privacy officer who works with privacy regulations daily and perfectly knows the ins and outs of GDPR.
What can you expect from a Privacy Scan?
The time needed and the exact approach may depend on the size of the organisation and the scope, but in general a scan takes about 2-3 weeks time. You can expect:
01 - Kick-off meeting
We organise a kick-off meeting in order to identify the relevant stakeholders of the different data protection practices within your organisation, and to discuss practicalities such as the scope of the scan, manage expectations and discuss focus.
02 - Interview with key stakeholders
We’ll ask questions to relevant departments to discover where they stand in terms of data protection. These questions are based on our own Privacy Framework, consisting of 9 manageable areas:
- Roles and Responsibilities
- Awareness and Communication
- Rights of the Data Subject
- Relationship with external parties
- International transfers
- Data Breach Management
- Data Protection by Design & Default
- Technical & Organisational Measures
03 - Reporting
We consolidate all findings in a comprehensive report and create the roadmap.
04 - Presentation
We then present the findings with (a subset) of the key stakeholders.
What are the deliverables?
We always deliver the same documents for a privacy scan. This includes:
- Privacy Scan Report: a detailed overview of the findings divided into 9 manageable areas.
- Privacy Scan Presentation: presentation of the findings towards relevant stakeholders.
- Privacy Roadmap: roadmap for privacy risk mitigation including clear actions to take and an estimate of the time needed.
Start your privacy journey: Next steps.
Once we have scanned your organisation and know exactly where you stand in terms of privacy practices, you can start planning how to implement the privacy roadmap. You can do this with your own resources, but of course, we are also available to assist you with the short-term implementation, or long-term DPO service.
Our CRANIUM GDPR Experts.
RANI VAN KWIKKELBERGHE
Senior Privacy Consultant & Domain Lead
LAURA SCHRIJVERS
Senior Privacy Consultant
FLORENCE DEVENYI
Senior Privacy Consultant
Frequently Asked Questions.
How long does a scan take?
The time that is needed may fluctuate, depending on the size of your organisation and the scope of the project, but in general a scan takes about 2-3 weeks time.
For whom is the Privacy Scan relevant?
The privacy scan is relevant for any organisation starting out their privacy compliance journey or organisations that lack a clear overview of their privacy maturity and/or don’t know where to start/improve.
What kind of involvement is required from our team during the implementation process?
For a Privacy scan, we typically need:
- Documentation relevant to your privacy practices
- Availability of key-stakeholders to conduct interviews
- Presence during kick-off meeting and information sharing with key-stakeholders
While we manage the bulk of the scan work, your team’s insights and cooperation are crucial for a successful, tailored outcome. We’ll work with you to schedule engagements that minimise disruption to your daily operations.
What is the difference between a privacy scan and a GDPR audit?
The privacy scan provides a high-level overview of privacy practices and compliance with data protection laws. Its purpose is mainly diagnostic; identifying gaps and areas of improvement. It shows you where you stand and where you can improve.
The GDPR Audit is a solution for organisations that are more mature in terms of their privacy practices and want to verify and document their compliance. It serves as an independent verification of their privacy efforts, which can be used to build trust towards stakeholders.
Is a privacy scan relevant when acquiring a company?
Yes, very much so! As the soon-to-be controller of all processing conducted by this company, you potentially expose yourself to the non-compliant processing of this company. By executing a privacy scan, the biggest risks can be identified, and a remediation plan can be drafted to get to the desired level of compliance.
Can you help us implement your recommendations?
Yes! Once we have scanned your organisation and know exactly where you stand in terms of privacy practices, you can start planning how to implement the privacy roadmap. You can do this with your own resources, but of course, we are also available to assist you with the implementation.
CRANIUM is recognised by the Flanders Innovation & Entrepreneurship agency (VLAIO) as a service provider.
As an SME, you can receive up to 30% subsidy for our services. More information here.
DV.O225288
Interested in a Privacy Scan?
Do you want more information on our Privacy solutions, an offer or a commitment-free conversation about your needs?