Data Protection Impact Assessment: 8 Wk

Following Schrems II, organizations who use US-based cloud service providers face greater uncertainty related to GDPR requirements than ever before. The Privacy Shield is now gone and Standard Contractual Clauses, for so long the bedrock of EU-US data transfers, are no longer sufficient. As a result, many organizations have delayed a decision to assess a move to Microsoft 365, and some organizations that were mid-project have paused their work until there is further clarity, and / or the EU Data Boundary is in place.

Data Protection Impact Assessments helps organizations considering adopting Microsoft 365 or those with a stalled implementation to understand and mitigate any GDPR-related risk and concerns. Through this process we help organizations map and mitigate any GDPR-related risks or concerns, so that they can move forward confidently with adoption of Microsoft 365 without the need to wait until the EU Data Boundary is in place. The steps we follow include 1. Risk Identification: Lighthouse experts review internal data to identify risks related to GDPR data privacy requirements for your organization. 2. Roadmap to Risk Mitigation: Our team provides specifics on how to manage any identified risks through a combination of people, process, and technology options. 3. Accelerated Adoption: With a DPIA, organizations can unstick Microsoft 365 projects stalled because of concerns around data privacy risk related to GDPR.

A Structured 8-week engagement consisting of 5 phases