The introduction by the EU Parliament of the General Data Protection Regulation (GDPR) which has been in effect since the 25 May 2018 is the biggest change in data protection law for 20 years.

Every organisation needs to assess their position and if they comply with the GDPR. Preparing for the GDPR is considered to be a complicated proceed and we at Baker Tilly through our multi-disciplinary skill sets can work with you to develop an effective roadmap in order to comply with the changing regulations.


Our GDPR services include the following:

GDPR Readiness Assessment

Short assignments comprising a collection of information, workshops with designated executives and deliverable preparation, submission and presentation.

The key deliverable from this initial phase of the GDPR journey comprises heavily practice advice, reflecting:

  • identification of GDPR gaps, prioritised for risk and implementation complexity
  • proposed project plan for implementing recommended actions, with clear team indications, departments and skills involved
  • budgetary information (wherever possible) regarding the investments and costs involved

GDPR Compliance Strategy Implementation

Execution of all approved actions for achieving GDPR compliance, with the involvement and cooperation of designated customer personnel.  This includes activities across People, Process and Technology and includes formal project management of those actions assigned to our team.  At our customers’ option, it may also include legal advisory and consulting services.

Typical scope areas include implementation of GDPR User Rights; Privacy by Design process improvements; Privacy & Security Policies; Incident Response & Management Processes; definition of Data Retention policies; 3rd Party Contracts; and mechanisms to manage conflicting regulatory and legal obligations.

GDPR Compliance Strategy Project Management

For compliance actions that customers decide to execute with internal resources, we can undertake the role of Project Manager of a customer’s GDPR plan.  The key benefit to our customers revolves around the confidence we can bring to the implementation process, in relation to agreed deadlines and budgets, through scope, task and team management.

GDPR Compliance Strategy Assurance Services

For larger customers who choose to project manage their GDPR implementation efforts internally, our Project Assurance Services are designed to confirm the reported progress of the GDPR programme and initiatives.

As part of our deliverables, we also undertake to monitor and keep under evaluation the efforts, plans and technologies which are deployed, to maintain consistency to GDPR objectives, plans and requirements.

Outsourced DPO Services

Supported by appropriate processes and skilled personnel (with complementary legal support as an additional option), we take pride on our ability to support local and international organisations with the same high standard of quality and customer focus, via centralised or distributed delivery, through Baker Tilly’s regional associations and partnerships

Contact Aristotelis Klitou