Site Search

Loading Results

General data protection regulation

Are you ready for GDPR?

The EU General Data Protection Regulation (GDPR) takes effect on May 25, 2018, creating challenges—and opportunities—for every organization doing business in the European Union. GDPR may apply to Canadian businesses, since a business doesn’t need to have a physical presence in the European Union to be subject to GDPR.

Does GDPR apply to you?

Take our short quiz to find out.

Prepare for GDPR and create competitive advantage

Canada has its own privacy legislation, so the good thing is you’re likely not starting from scratch. But GDPR privacy requirements are more onerous than the existing Canadian privacy legal regime—GDPR represents a step change in the way businesses need to handle privacy.

Organizations that take the opportunity to rethink risk and compliance as they prepare for GDPR will have a unique opportunity to drive distinctive strategy, capabilities and performance.

What steps can Canadian organizations take to prepare?

Conduct a readiness assessment

Understand if GDPR may apply to your company by completing our online quiz. Focus on in-scope areas and assess the risk and possible impact. How much and what type of EU data do you handle? What’s the risk your business may be the focus of regulator attention?

Then gather information to assess your organization’s current GDPR compliance maturity for in-scope areas and to help understand your critical legacy risks.

 

Find remediation gaps

Identify existing privacy capabilities and the work that needs to be done to bring your organization into GDPR compliance. Take a tactical approach and identify areas where you can limit or out-of-scope GDPR impact altogether.

For example, you could anonymize any EU data you intend to use or stop tracking website visits on an EU web page.

Establish oversight

Put your organization’s ongoing GDPR governance structure and model into place to coordinate and implement your remediation activities.

Implement your program

Get your GDPR program off the ground, remediating any gaps you’ve identified and establishing a rigorous privacy program.

Conduct operation and monitoring

Once GDPR is in effect and your program is in place, conduct ongoing compliance to drive continued accountability and make sure your organization is positioned for future success.

Our GDPR readiness assessment tool

Our GDPR readiness assessment tool helps you understand your current state of compliance and how you benchmark against your peers. Get valuable insights into the work needed to get to your desired end state.

Answer key questions

Our tool features 70 comprehensive questions, all of which are mapped to GDPR requirements

Determine maturity level

There are four possible answers for each question; each answer is mapped to a maturity level 1–4

Understand maturity level

Maturity levels are linked to court cases, consumer complaints and our Enforcement Tracker

< Back

< Back
[+] Read More

Key GDPR program implementation areas

Strategy and governance

Information security

Data life cycle management

Individual rights processing

Privacy by design

Cross-border data strategy

Data processor accountability

Policy management

Privacy incident management

Training and awareness

Learn more about the GDPR implementation areas

Related Content

Contact us

​Jordan Prokopy

​Jordan Prokopy

National Data Trust & Privacy Practice Leader, PwC Canada

Tel: +1 416 869 2384

Linkedin Follow X Follow Email
Sajith Nair

Sajith Nair

Managed Services Leader, PwC Canada

Linkedin Follow Email
Follow PwC Canada
Today's issues Top issues Acquisitions and Divestitures Building trust for today and tomorrow Compliance. Transformed. Crisis Cybersecurity, Privacy and Financial Crime Environmental, social and governance (ESG) Fit for Growth Future of finance Generative AI Workforce of the future
Insights All Insights Blogs CEO survey Cloud Technology Insights Director connect Generative AI Hub Podcasts Risk and Regulatory Hub Smart cities Strategy& strategy+business
Industries Industries Asset management Automotive Banking & capital markets Cannabis Consumer markets Energy Entertainment and media Financial services Government and Public Services Healthcare Industrial manufacturing Insurance Mining Power & utilities Private equity Real estate Technology sector Telecommunications innovation Transportation and logistics
Services Services Accounting Advisory Services Alliances Audit and Assurance Consulting Crisis and resilience Current Insolvency Assignments Data and analytics Deals Forensic Services Japanese Business Network Legal Managed Services Products PwC Private Risk Assurance Risk Modelling Services Tax Transformation and investment management
About us About Us 2023 new partners Board of directors Alumni Contact us Corporate responsibility Ethics and Code of Conduct Inclusion and diversity Our Canadian leadership team Our history Our offices locations Our people Our purpose, vision and values Press releases Procurement at PwC The New Equation Women in Leadership
Careers Careers Explore our business areas Student and new graduate opportunities Life at PwC Canada Benefits, flexibility and wellness Talent Community

© 2018 - 2024 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.