Equity Communications

Tel: 0121 434 5057

  • Home
  • About Us
  • Board Evaluations
  • Regulatory Compliance
  • Clients and Case-Studies
  • Noticeboard
  • Blog
  • Contact Us

Who ‘owns’ your GDPR project?

16th October 2017 5 Comments

A FTSE250 Corporate Lawyer writes...

Who in your organisation is taking day to day ownership of management of the GDPR project?  Is your COSEC function running the project (if so who?) or is it the wider legal team or does the project manager even sit outside of legal/cosec altogether?

Asides from your colleagues in HR, IT etc how many in legal or Cosec are assigned to it please and how far down the line are you?

Leave a Reply Cancel reply

Only your comment and indication of company type will be published

Comments

  1. FTSE250 said

    27th October 2017 at 6:11 pm

    There is a separate project team to run GDPR. There is an interim team of 3 under the project manager who reports to the head of facilities.
    The working party c 15 in total has a rep from all businesss and support functions inc one from CoSec and legal
    The working party reports to a senior management steering group

    • FTSE250 said

      17th October 2017 at 10:16 am

      GDPR compliance is “owned” by our Corporate Risk Director working within our Cosec, Legal and Risk team reporting to the Company Secretary.

      • FTSE250 said

        16th October 2017 at 5:46 pm

        The GDPR Project is being led by the Group Company Secretary. A full time Programme Manager (in our Project Management team) has been assigned to work with the GCS and we have established a cross divisional cross functional Working Group.
        Legal team members are part of the Working Group which includes representatives from IT, Marketing and HR (including representatives from these functions from EMEA, Americas and Asia). We started the GDPR project in early-2016 and so are reasonably well advanced across each of the areas.

        • FTSE SMALL CAP said

          16th October 2017 at 4:07 pm

          As a consequence of the way our corporate functions are organised (small listed company, with minimal “head office” functions and considerable autonomy/responsibility for the operational divisions) the “owner” of the GDPR project is the Group Head of Internal Audit/Assurance, who works primarily with the IT directors the divisions, and with input from the Group Counsel/Company Secretary as required. So the “head office” team is a couple of people, with implementation of GDPR being the responsibility of the management teams of the divisions.

          The plan follows what looks like a fairly standard process, and at the moment we are busy data mapping and sorting out what consents will be required.

          • FTSE250 said

            16th October 2017 at 3:21 pm

            Co Sec leads project, because Business Assurance reports in, which function includes Information Security and Compliance. One from legal team (we only have three lawyers!). Data mapping in progress, and assessment of quality of existing “consents” being reviewed.

            Sections

            • Home
            • About Us
            • Board Evaluations
            • Regulatory Compliance
            • Clients and Case-Studies
            • Noticeboard
            • Blog
            • Contact Us

            Recent Notices

            • TCFD advisors / agencies

              TCFD advisors / agencies

              2nd May 2022
            • Board portals

              Board portals

              2nd May 2022
            • E-learning training platforms for Group employees

              E-learning training platforms for Group employees

              30th April 2022
            • Permissions to Deal when transferring shares to an ISA

              Permissions to Deal when transferring shares to an ISA

              13th March 2022
            • Shareholder mailing preferences

              Shareholder mailing preferences

              22nd February 2022

            Contact Equity Communications

            Address:

            The Lodge,
            88 Katherine Road,
            Birmingham,
            B67 5RF

            Registered in England and Wales No. 04951030.

            • Blog
            • UK Board Evaluations
            • UK Corporate Governance

            © 2022 · Equity Communications 2015 ·· Site Designed & Built by Midland Web Solutions