Monte Alto Solutions have significant management expertise in developing GDPR solutions and consulting with Clients regarding GDPR readiness and requirements.

The Monte Alto Solutions’ service operates at several levels:

• We work with Clients to support them in defining their requirements
• We offer consulting services to review readiness and preparedness
• Monte Alto Solutions help in resourcing / supplementing clients’ existing teams for consulting projects
• We work with your management team to establish conformance and compliance
• There are several integration points with software and services provided by GDPR service / suppliers
• Monte Alto Solutions work alongside your management team to ensure the complete end-to-end service is managed efficiently and effectively.

We establish an action plan to guide our clients through the various stages towards conformance. Then we execute the strategy to ensure our clients have in place the organisational infrastructure, operational practices, and policies for sustainable conformance.

Monte Alto Solutions take a wider perspective than simple conformance to GDPR. We place GDPR in the context of corporate social responsibility, governance, operational discipline, customer service delivery, and risk management. Our objective is to limit financial and reputational risk and actively reduce the exposure of your organisation.

Our GDPR consultancy service provides an end-to-end service. We view GDPR as part of overall business strategy, transformation and future-proofing the organisation.

1. Project management of GDPR / Mainstream Consultancy and Advisory

We provide the documentation, information, and operational foundation to Clients to enable their legal team / advisors to confirm conformance to GDPR. This includes:  Readiness and preparedness towards GDPR conformance; DPO support; Article 30 GDPR service; Data protection by design and default (Article 25); DPIA (Data protection Impact Assessment (Article 35); Data breach notification (Article 33/34); Coordination of functional teams; Partnerships and external collaboration; Engagement and education.

2. Impact on sales and marketing and brand image
3. Governance, risk management and business strategy
4. GDPR relevant Data management, data mapping and data management products
5. Impact on Customer-centric service delivery and operational performance

We focus as much on the action and execution as we do on evaluation, planning and strategy. We help your management team implement the changes and participate in any redesign work.

We also work with a number of business partners (IBM and ISAAC) who offer software and service solutions. Monte Alto Solutions provide advice with regard to integration of software solutions and products to help client organisation meet the demands of GDPR.

Our solution is practical and realistic. In the past, many of the processes and practices related to GDPR have been positioned to promote particular software solutions by organisations which are more interested in product sales. The Monte Alto Solutions service is designed to focus on client needs. We build a programme specifically to support the requirements of your organisation.

Our consultants create a strategic road map, drawing together the various elements necessary to achieve GDPR compliance. This establishes an interlinked chain of logistics, events, external partners, head-office central functions, IT departments, legal teams, sales and marketing, and front-line services. We ensure GDPR conformance is customer-centric, organisationally relevant, and operationally practical. We “ground” GDPR in business reality and an operational environment.

The service particularly focuses upon:

1. Data subject rights / Organisation responsibilities (Art. 15/17/18/20/21/22)
2. Rectification (Art. 16/19)
3. Data controller responsibilities (Art.5/24)
4. Data processor responsibilities (Global) (Art. 28/30/32)
5. Protection by design and by default (privacy y) (Art. 25)
6. Data breach notification (Art. 33/34)
7. Data Protection Impact assessment / Privacy impact assessment (Art. 35)
8. Data protection officer responsibilities (Art. 37/38/39)
9. Certification (Art. 42)
10. Data transfer (Art.44/45)

We take a structured approach. Within this framework our service is designed to be modular and fully flexible to meet the demands of our Clients. We give our Clients complete control of their data management and information requirements. Our GDPR consultancy can be used as a stand-alone service or combined to provide a comprehensive picture of the organisation’s data management.