Privacy & GDPR Services

GDPR came into force on 25th May 2018. Mazars has supported many organisations attain GDPR compliance. We will continue to provide support to our clients in refining and maintaining compliance as the regulatory and legal environment matures.

Impact Assessments

Outsourced DPO

Implementing GDPR

Generally, organisations are taking a risk based approach to GDPR. As such they may not be fully compliant with all aspects of GDPR from May 2018. Becoming compliant will continue to be a requirement for organisations. Guidance from the European Data Protection Board, will refine our understanding of what is compliant and drive operational changes.

Responding to Regulation and Case Law

We do not yet know how the regulation will be applied and interpreted by either regulators or the courts across Europe. Based on the application of the law it will be necessary to update policies and procedures of organisations. 

Achieving Accountability, Risk assessments & Compliance Reviews

Assessing and testing compliance is an ongoing requirement of the GDPR and especially relevant as the regulatory interpretation unfolds

Data Protection Impact Assessments

Where there is a high risk to the privacy of the individual from a changed business model or use of data, it will be necessary to complete a DPIA / PIA. We are leaders in Ireland and Europe in providing these services.

Outsourced Data Protection Services

Many organisations that will require a DPO will not be able to attract or justify paying for an individual that meets the capability and seniority requirements. We can provide a DPO service to overcome these issues

Breach Response

In the event that the worst does occur, stopping the breach, identifying the impacted data subjects, assessing the impact and required response is critical.

Technology Enablement

Most organisations have chosen to minimise the technology investment that they will make for the May 2018 deadline. In the medium term, technology enablement will be required to reduce the cost of compliance. We support organisations in identifying, procuring and implementing these technology solutions.

Privacy and GDPR Training

Training staff is critical to compliance. We have a suite of training material focused for specific audiences and updated to reflect how the GDPR is being interpreted across Europe. Our experienced consultants will support delivery of the training or customisation for delivery through a learning management system.

Developing Internal Control Models for Privacy

May 25th 2018 is day 1 for GDPR compliance. Ensuring ongoing compliance will demand an appropriate and effective control model. Mazars can support delivery of the necessary model.


The GDPR encourages the development of certification standards that will allow organisation to clearly demonstrate to stakeholders that they are compliant with the regulation. Mazars are working with compliance bodies to develop and implement such certifications.Meeting the Regulation’s requirements and protecting data subject’s rights is a challenge that faces every organisation. Mazars offers a range of Privacy consultancy and Data Protection advisory services to assist you in identifying, planning for and meeting your Data Protection obligations.

Want to know more?

Data Protection News


Mazars Data Protection Newsletter - Issue 4

What is the impact of GDPR? One year in and the jury is still out. There have been only 41 published sanctions from data protection authorities across Europe in the first year: 21 of these were imposed by the UK’s ICO and 2 from Ireland’s DPC.

Download pdf 1.13 MB

Data Protection Impact Assessments

Data Protection Impact Assessments
Mazars are the market leading provider of Data Protection Impact Assessments and Privacy Impact Assessments in Ireland. We have been providing Privacy Impact Assessments for the last 10 years and Data Protection Impact Assessments since the publication of the GDPR in 2016.

Read more

Outsourced Data Protection Officer

Outsourced Data Protection Officer
Mazars provides outsourced Data Protection Officer (DPO) services to organisations that do not wish to directly employ a DPO.

Read more