General Data Protection Regulation (GDPR) for Higher Education Institutions

calendar iconJanuary 4, 2022
Download Brochure

How the GDPR Impacts Colleges and Universities

The new General Data Protection Regulation (GDPR) rules affect how higher education institutions process and manage the personal data of EU residents. Colleges and universities who collect and maintain personal data from EU residents are required to comply with the new regulations, even if their institution does not have a physical location in the EU.

The regulations govern how personal data is collected and secured from applicants, students and faculty while they are in the EU. This impacts departments across the entire university, not just the admissions, study abroad and foreign exchange programs. Is your institution taking the necessary steps towards compliance with the GDPR? Important stakeholders include: business officers, admissions officers, study abroad officers and IT personnel.

In order to ensure compliance, Cherry Bekaert assists institutions with the following services:

  • Awareness & Education of Key Stakeholders
  • Readiness Review
  • Inventory and Mapping Data
  • Compliance Evaluation
  • Recommendations

First Steps

Cherry Bekaert believes building a sustainable program of information governance should ensure the following:

  1. University-Wide Strategy: It has to scale across all departments and programs; and it has to ensure enforcement throughout the entire life cycle of the data processing
  2. End-User Strategy: Privacy and data protection is of paramount importance to individuals and learning institutions. Universities must earn trust by respecting staff, faculty and student concerns around their data
  3. Legal Strategy: Compliance is the foundation of data protection, and encourages the need to adopt mutually beneficial safeguards for the university and its population

Let Cherry Bekaert help you design and deliver a data protection solution aimed to mitigate risks through a structured methodology that documents:

  • Data Governance
  • Information Security
  • Data Protection & Privacy

Questions To Ask

  • What personal data do you process?
  • How is data stored and protected?
  • How is personal data transmitted across the university’s system?
  • Where is data transferred to/from and who has access to the data?
  • Are security policies in place to meet the new GDPR?

How Can We Help You?

Successful implementation of the new GDPR rules starts with the right team and a focused methodology. A university’s data protection strategy requires the right balance of system, process and privacy resources, plus a proven, pragmatic methodology performed by a team with hands-on industry experience. Cherry Bekaert offers industry leading professionals with experience assisting organizations with complying with regulations for the first time. We bring decades of experience with information security and data protection.