Data Privacy & GDPR

Supporting our clients in refining and maintaining compliance as the regulatory and legal environment matures

Outsourced data protection services

Many organisations that will require a DPO will not be able to attract or justify paying for an individual that meets the capability and seniority requirements. We can provide a DPO service to overcome these issues

Outsourced subject access requests

Satisfying subject access requests can require a very significant amount of time and effort. Gathering the data, filtering out the irrelevant records, making decisions on what is necessary to include and redacting information appropriately can turn one SAR into a project in its own right.

Data protection impact assessments

Where there is a high risk to the privacy of the individual from a changed business model or use of data, it will be necessary to complete a DPIA / PIA. We are leaders in Ireland and Europe in providing these services.

GDPR audit

A data protection audit provides you with assurance of your compliance efforts to date, taking into account GDPR and national laws

Implementing GDPR

Generally, organisations are taking a risk based approach to GDPR. As such they may not be fully compliant with all aspects of GDPR from May 2018. Becoming compliant will continue to be a requirement for organisations. Guidance from the European Data Protection Board, will refine our understanding of what is compliant and drive operational changes.

Responding to regulation and case law

We do not yet know how the regulation will be applied and interpreted by either regulators or the courts across Europe. Based on the application of the law it will be necessary to update policies and procedures of organisations. 

Achieving accountability, risk assessments & compliance reviews

Assessing and testing compliance is an ongoing requirement of the GDPR and especially relevant as the regulatory interpretation unfolds

Breach response

In the event that the worst does occur, stopping the breach, identifying the impacted data subjects, assessing the impact and required response is critical.

Technology enablement

Most organisations have chosen to minimise the technology investment that they will make for the May 2018 deadline. In the medium term, technology enablement will be required to reduce the cost of compliance. We support organisations in identifying, procuring and implementing these technology solutions.

Privacy and GDPR training

Training staff is critical to compliance. We have a suite of training material focused for specific audiences and updated to reflect how the GDPR is being interpreted across Europe. Our experienced consultants will support the delivery of the training or customisation for delivery through a learning management system.

Developing internal control models for privacy

May 25th 2018 is day 1 for GDPR compliance. Ensuring ongoing compliance will demand an appropriate and effective control model. Mazars can support the delivery of the necessary model.


The GDPR encourages the development of certification standards that will allow organisation to clearly demonstrate to stakeholders that they are compliant with the regulation. Mazars are working with compliance bodies to develop and implement such certifications. Meeting the Regulation’s requirements and protecting data subject’s rights is a challenge that faces every organisation. Mazars offers a range of privacy consultancy and data protection advisory services to assist you in identifying, planning for and meeting your data protection obligations.

Got a question? Just get in touch

Join our mailing list

We have insights into developments that affect your business. We can provide you with unique perspectives and thoughtful solutions so you can meet new challenges and seize opportunities.

Subscribe here