Skip links

The General Data Protection Regulation (GDPR) strengthens the right of individuals in the European Union (EU) to control their personal data and requires organisations to bolster their privacy and data protection measures. It applies to organisations within and outside of the European Union (EU) that offer goods and services to the EU.

The GDPR and South Africa’s data protection law, the Protection of Personal Information Act (POPIA) enacted in 2013 are very similar.

Cloud Essentials has nearly two decades of experience in Information Management and Migration Solutions for large and medium enterprises.

Our approach to GDPR & POPIA projects is modelled around this experience, and we treat these projects with many of the same compliance and governance techniques and processes that we’ve used and developed over the years.

Enabling GDPR compliance pre- and post-migration to the cloud...

Recognising that many of the enterprises we work with are either planning a move to the cloud, or are in the early stages of being ‘in the cloud’, we take a two-pronged approach to delivering an effective, end-to-end GDPR solution.

Our focus is on delivering benefits across the board – not just ticking GDPR boxes. 

For example, performing a data inventory and carrying out a clean-up of your data in advance of migration can massively speed up your transition and reduce ongoing storage consumption in the cloud.

Tell us about your information governance and compliance challenges.
Get in touch

An approach that empowers.

Our approach to a GDPR engagement involves the following high-level phases:

1

Discover

We help you understand your data, infrastructure, business processes & existing data governance framework.  The focus is on performing a detailed inventory of personally identifiable information (PII) & other sensitive data & determining what’s required to ensure accuracy & enabling it to be erased, managed or rectified.

2

Manage

We will work closely with your legal & compliance departments and DPO to develop a new (or refine your existing) data governance framework.  This may include defining a data classification framework, creating labels for sensitivity and retention management, roles and responsibilities for access, management and use of PII & ensuring data handling practices comply with the GDPR.

3

Protect

The objective of this phase is to protect PII from accidental or intentional loss, unauthorised access or disclosure, thereby ensuring its security, integrity & confidentiality.  This involves implementing policies, risk mitigation tools & processes that enable you to respond effectively to a security compromise or data breach.

4

Report

We will help you fulfil your GDPR reporting requirements that require new standards of transparency, accountability & record keeping.

This includes ensuring that the processing of PII is limited to specified, explicit & legitimate purposes.

Trusted by Market Leaders

Repsol
Alexander Forbes
Capita
AutoTrader
Nykredit
Lorentzen & Stemoco

Latest Insights

HubStor & Azure for Legal Professionals

HubStor & Azure for Legal Professionals

Check out our flip book below or click here for[...]
HubStor Announces Pricing Reductions for Both New and Existing Clients

HubStor Announces Pricing Reductions for Both New and Existing Clients

Good news for those expanding their HubStor footprint and ramping[...]
Data Sensitivity Labels

Data Sensitivity Labels

Time to get to Grips with Microsoft’s Labelling Framework Looking[...]
Let us help you build a cloud security strategy to meet your business, practical & compliance needs.
Start my cloud journey