Helping your Organisation to become GDPR Compliant

Apogee works with organisations to develop a tailored strategy for GDPR compliance based on their current data management and processes, and future data activities. There is no one-size fits all solution. Below are 4 initial tactics Apogee can help to employ in order to assist your organisation work towards GDPR compliance.

Helping Your Organisation To Become GDPR Compliant Apogee

Data mapping

Data mapping is a broad term that can mean different things to different organisations, but commonly there are two main strategies for establishing where the data actually resides:

  1. PII Discovery and Personnel: establish employee involvement in parts of the business and usage and creation of PII, readily customisable, auditable and repeatable.

  2. Electronic mapping: more complex process of searching repositories using targeted criteria and data crawling techniques to map PII based on metadata.

Data lifecycle scoping

Building on data mapping by creating a shortlist of possible locations where the data will likely be found, taking into account all stages of document lifecycle from creation/input through to destruction of data.

Define data sets

Establishing what data is personal vs business, through discussion with internal policy makers and stakeholders (Legal, IT, Compliance, Risk).

Structured data searches

Specialist software is then used to search the identified data for PII using a combination of techniques:

  • Structured

    • Keyword and keyphrases – looking for obvious words that denote personal information.

    • Formats – looking for particular reference number formats e.g. 16 digit bank code, Sort Codes, D.O.B., Postcodes (exclusions used).

  • Analytical

    • Concept searching – sophisticated routines look for documents that have the same contextual content as others that are known to contain PII, but were not flagged during the structured searching.

    • Machine learning – teaching the system to better spot PII that has passed previous filtering rounds.

Effectively implementing these 4 tactics will work towards GDPR compliance, however, there are other strategies that Apogee can help utilise that will be needed in order to ensure your organisation is fully compliant.

GDPR will be introduced on 25th May 2018 and non-compliance by this time will incur heavy fines. Make sure your organisation isn’t at risk by getting in touch today to understand all the tactics that Apogee can help with before significant financial penalties are imposed.

Our Managed Workplace Solutions are designed with our clients in mind, improving security, maximising productivity and increasing automation.
Related Articles

Read More Apogee Insights

Click here to browse our latest Insights
Keep up to date with all the latest in Managed Print services.


You'll now receive marketing communications about exclusive events, our solutions and business developments. Privacy Policy

Browse Our Managed Workplace Services