GDPR Case study - Healthcare

RSM firm: Belgium
RSM contact: Steven Vermeulen

Bringing RSM’s ideas and insight – the work we carried out

RSM Belgium performed a compliancy analysis with Belgian Privacy legislation.

Following the adoption of the General Data Protection Regulation, our mission was extended to fulfil the Data Protection Officer role within the client’s company.

Our team conducted interviews and testing of the existing IT architecture, policies and processes. We helped our client with the identification of personal private data through their different data flows. As part of our mission we GDPR case study - healthcareconducted detailed reviews on the subcontractors of the company that have access to the company’s data. As the company is publishing personal identifiable data on their website we performed a risk assessment on securing data and helped our client to take the necessary steps in being compliant to the rules and regulations both on a Belgian and an international level.

We prepared a management report detailing the flaws and issues found during our mission, including the implementation plan with mitigating actions the entity could undertake. As our role as Data Protection Officer, we followed up on the actions taken.

We were able to help our client convince Belgian Authority in granting them a legal basis on which they can operate, proving their investment in securing private data.

Understanding our client – the benefits

The Board and Executive both gained an increased understanding of their data protection obligations (current and future) and their respective roles in ensuring compliance is achieved and maintained.

Continuous assistance on a still evolving International and Belgian privacy legislation, assures the entity they will keep up to date with rules and regulations.

More GDPR case studies >>