GDPR Programme
Major EU Regulation Enforcement
>€15m Budget
16 Programme workstreams
Brightive was engaged in a large business-driven transformational programme aiming to make a multinational telecommunications company based in Belgium compliant with the General Data Protection Regulation (GDPR) of the European Union.
GDPR is a regulation adopted on 27 April 2016 unifying the data protection and privacy rules within the EU. It applies to all companies controlling and processing personally identifiable information of EU data subjects, as its full enforcement across EU member states commenced on 25 May 2018. The regulation introduces a new fines regime for non-compliance with fines of €20m or 4% of annual turnover, whichever is greater.
Working closely with the programme leadership on managing the programme, the Brightive team mobilised and executed a pragmatic, flexible, and scalable Control Centre Service in responding to the evolving governance & control requirements of the programme. In phase 1 of the programme until 25 May, Brightive enhanced control, visibility and transparency across the programme by creating and owning the programme plan and RAID log, as well as by introducing a weekly status reporting procedure. The team was also continuously assisting project managers and workstream leads in defining in-scope and out-of-scope activities, timeline, deliverables, milestones, risks/issues and budget. Furthermore, Brightive guided the programme workstreams through the client’s end-to-end project governance process and assisted them in obtaining the formal gate approvals.
In Phase 2 (25 May-31 December 2018), the Control Centre team was also tasked with onboarding two additional BA resources to provide hands-on support to two programme workstreams in their day-to-day activities. The expanded Brightive team further produced scoping and control mechanisms for the 3rd Party Management workstream (i.e. BPMN process flow chart, vendor progress tracker, inventory tracker and weekly highlight reports) and was actively involved in the processing of vendor documentation.