GDPR Compliance

DATA SAFE

EUgrc GDPR Compliance Suite

iTree Group in consortium with the leading information security consulting firm in the USA, UK and Baltic market VORAS Consulting Ltd is proud to present an expert system to help our customers comply with the requirements of the EU General Data Protection Regulation.

The EUgrc GDPR Compliance Suite is an expert system designed by information security and data privacy experts to help you ensure that you comply with the requirements of the EU General Data Protection Regulation.  EUgrc embodies the same processes used by live consultants in delivering GDPR compliance projects, automating the process so you don‘t have to hire expensive consultants, who are not always available when you need them.

Our self-learning COMPLai (pronounced „comply“) Engine is loaded with real-world experience in hundreds of projects, combined with the requirements of the:

  • EU General Data Protection Regulation,
  • ISO/IEC 29134 Guidelines for privacy impact assessment,
  • ISO/IEC 29151 Information technology - Security techniques - Code of practice for personally identifiable information protection, and the
  • ISO/IEC 27000 series.

The Engine is constantly updated with the latest security techniques, risks and threats and its advanced algorithms deliver the same level of service you would receive from hiring a team of experienced data privacy and information security experts.

This wizard-driven and easy to use system allows users to:

  • Document and manage all personally identifiable information that is collected and processed, including ensuring compliance with all administrative and technical controls mandated by the GDPR;
  • Conduct privacy impact assessments and risk assessments for data sets and the supporting assets used in their collection, processing, storage and transfer;
  • Inventory and control all of the actors working with their personal data sets, matching data controllers, data processors, providers and recipients with specific data;
  • Make informed choices about which risks to treat and which to accept;
  • Receive a custom-tailored implementation plan, guiding them step-by-step to bridge gaps in their data protection measures (and, if desired, import this plan into their internal task management system for ease of implementation);
  • Generate required compliance documentation, from policies and standards to contractual clauses for subcontractors and employees.