From initial assessments of exposure under the GDPR to the design and implementation of comprehensive data management plans, I will work closely with your organization’s compliance officers and data managers to ensure that your organization is able to make cost-effective adjustments to guarantee compliance with European data protection laws.

I can offer competitive pricing for individual projects or ongoing support, based on your organization’s needs. Some examples of what I can offer include:

* GDPR Check-Up: I can prepare a custom, comprehensive assessment of your organization’s exposure and obligations under the GDPR, based on a thorough analysis of how your organization collects and manages data, including the kinds of risks presented by noncompliance.

*Controllers and Processors: A given institution’s obligations under the GDPR depend less on the type of data being collecting and more on what’s being done with it. In the complex landscape of international partnerships and onsite providers, it’s not always clear who exactly is responsible for what when it comes to data protection. I can map out these relationships, clarify the legal obligations of the different parties, and support your organization’s development of an effective and efficient distribution of responsibility for data protection.

*Employee and Contractor Training: Does everyone handling your students’ and faculty’s data know what is expected of them by your organization and required of them by the law? GDPR compliance requirements cut across our usual categories and affect IT, Compliance Officers, International Programs and Study Abroad administrative units, and even academic departments.

*Data Protection Impact Assessments (DPIAs): Are you planning on establishing a new study abroad program or international partnership? Do you need to know the specific privacy risks of an existing activity? Do you know where your operations encounter sensitive or high-risk categories of data? A DPIA will identify the areas of a new or existing enterprise that require special attention under the requirements of the GDPR, and the appropriate measures necessary to take.

Don’t hesitate to contact me by email to zachary@zacharyandrous.com if you have any questions about the kinds of services I can provide to your organization!