GDPR Certification
(General Data Protection Regulation)

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. The law specifies that data subjects have the right to determine what happens with their personal information. Educational institutions are among the many organizations that must comply with GDPR. For those organizations and institutions that violate the General Data Protection Regulation, EU supervisory authorities may levy fines and impose disciplinary actions.  

$10,000 Fee includes a data protection impact assessment and developing documentation required by GDPR regulators. The comprehensive assessment is conducted by experienced and credentialed professionals who identify gaps and priorities; create a short- and long-term remediation plan; advise institutional officers; produce a final report, certification document, badging, and follow-up.

GDPR Certification Highlights: 

  • Conduct an access and information audit  
  • Identify legal justification for data processing activities. 
  • Provide clear information in a privacy policy 
  • Prioritize data protection for all data processing 
  • Encrypt, pseudonymize, or anonymize personal data 
  • Create an internal security policy and awareness program 
  • A permanent process is in place to conduct future assessments 
  • The process to notify authorities in the event of a data breach. 
  • Accountability and governance 
  • Data processing agreement for third parties 
  • Appoint a Data Protection Officer  
  • Communicate with students about their data 
  • Process for students to update, transfer or delete personal information