Awareness Training – Consisting Of The General Data Protection Regulation

GDPR Training

This package, provided by Compliance Compendium, is a yearly awareness training course that gives organizations a clear and brief outline of the new regulations they are meant to follow. The course gives organizations an understanding of the following eleven aspects:

Compliance Compendium’s CC Suite – Understanding What CC Does


Compliance Compendium (CC for short) provides a range of services, training and tools to assist organizations, big and small, with their GDPR needs. The Compliance Compendium Suite (CC Suite) offers uncertain companies a completely online toolkit, featuring various tools that can be integrated into a company’s existing system, to assist with GDPR management and compliance.


REGULATORY ASSESSMENT: Carry out Data Protection Impact Assessments (DPIA) and Privacy Impact Assessments (PIA) as part of your overall risk management, as well as the GDPRCH (General Data Protection Checklist).


Data Protection Impact Assessment and the GDPR


The General Data Protection Regulation (GDPR) came into effect in May 2018. The focus of the GDPR is on proper data handling and management. But why bring risk management into the picture? And why the need for assessments and all those things?


Risk management, broken down to the basics, is the identification of current and future risks or hazards that could affect your company or the projects it is working on. The aim is also to identify possible solutions or mitigating factors for these.

Automating GDPR Compliance

Since May 2018, GDPR compliance has been the new buzzword going around, with its effects extending beyond the borders of the EU countries to EU corporations based in other countries as well as corporations handling sensitive information of EU citizens.

But all this lingo aside – how do you comply with all this? Most small companies and NGOs have neither legal counsel on hand nor a legal professional on staff to help with this. Appointing one would cost a fortune that not all the smaller companies can afford.

Incorporating technology in compliance


Compliance and an individual’s data rights and protection might seem to be at loggerheads with each other. Under the GDPR of May 2018, a person has a right to “be forgotten”.

At a certain point in time you, as the consumer, may request that your data be deleted from a company’s database.

This is all well and good, but what about the financial side of things, where the law might require the information to be kept for a somewhat longer period of time?

FinTech Vs RegTech – A Comparative Analysis


After the 2008 global financial crisis (GFC), FinTech and RegTech development was prioritized. Some believe that RegTech is the replacement for FinTech, but that assumption is untrue. The question now is: what is the difference between FinTech and RegTech?


FinTech, which is short for Financial Technology, covers the entire range of financial services, focusing on five main areas: finance and investment, internal operations and risk management, data security and monetization, consumer interfaces, and payments and infrastructure.



INDIVIDUAL RIGHTS

According to the GDPR, individuals have the following rights:


When collecting a client’s personal data, an organisation is required to tell them the reason for collecting their data, how long the data will be held, and who it will be shared with.


Clients have the right to access their personal information. They can request access either verbally or in writing. Organisations have one month to reply to the request and are not permitted to charge their clients for dealing with the request.

Keep your company GDPR compliant and out of the headlines – in a good way!


How many times have you filled out your personal details on a company website and just ticked the “T’s & C’s” block without even reading or thinking twice?  Have you considered what happens to your information from there onwards?

Or how many times have you slammed down the phone in anger at yet another telesales agent calling to sell you a policy or store card, coincidentally already having all your personal information?

The new General Data Protection Regulation of the EU, as well as its sister, the Data Protection Bill, aims to curb these practices.



REPORT A BREACH

Organisations are required to report specific incidents that occur, such as a personal data breach, to the ICO. Compliance Compendium provides customers with a tool to use in the event of such a breach, or any issue leading to the loss or abuse of private discernible information.

Not all personal data breaches need to be reported under the DPA of 25 May 2018; if it is not possible for the breach to pose a threat to someone, you need not report it.

Will EU-GDPR 2018 Regulations Impact Indian Companies?



The European General Data Protection Regulation (EU-GDPR) came into operation in May 2018.  The average Joe would think only individuals and companies based in the European Union would be affected.  But the impact of the EU-General Data Protection Regulation stretches far wider.

Any company with business interests based inside and outside the European Union, companies in India, NGOs, CMROs, or any other organisation across the globe should expect to be impacted.

INDIA AND THE IMPACT OF THE EU-GDPR