The Royal Pharmaceutical Society (RPS) leads the profession of pharmacy to improve the public’s health and wellbeing.
The RPS is the professional membership body for pharmacists and pharmacy in Great Britain and an internationally renowned publisher of medicines information.
As part of the new regulations for the General Data Protection Regulation (GDPR) coming into force on 25th May 2018, RPS was actively putting measures in place to ensure it is compliant and understood the implications of the legislation going forward.
RPS partnered with Equantiis to undertake their GDPR Readiness assessment due to their knowledge and experience within data privacy and Cyber Security, and ability to help the organisation understand, interpret and meet the regulation.
Equantiis proposed to carry out a GDPR readiness assessment for RPS, which is designed to gather specific information related to all the articles within the regulation. Equantiis’ approach has been developed utilising it’s legal, business and technology expertise to produce a GDPR readiness tool that enables organisations to be benchmarked against regulatory readiness and maturity within a sector.
The first step as part of the engagement with RPS was to brief all staff on GDPR, enabling the myths and misconceptions to be eliminated, and highlighting how the new regulation would have a positive impact on the organisation.
The readiness assessment started with an initial online questionnaire which was answered by several people within the business, followed up with a series of face to face interviews with nominated staff identified by RPS.
Supporting this, Equantiis carried out a high level review of RPS’ technology estate, along with internal and external touch points to identify potential gaps or issues.
The output of the readiness assessment provided RPS with actionable plan that identified the gaps in becoming compliant and what remedial work was required to be carried out.
From undertaking the Equantiis GDPR readiness assessment, RPS were quickly able to understand the gaps in their current processes, policies, technology and training in relation to data privacy maturity.
RPS had a clear understanding of their obligations under the regulation and what tasks they needed to complete in order to become compliant due to the way in which the results were clearly presented to them.
Equantiis’ GDPR readiness assessment tool enabled the RPS to:
- Understand the organisations readiness for GDPR and impact on;
- Business Processes
- Business Services
- Business Applications
- Protect users and member data from misuse
- Define gaps in current business practices and create a prioritised roadmap to achieve GDPR compliance