March 13, 2018

How One SpringCM Partner is Helping Customers Prepare for GDPR

Topics: GDPR

Here at SpringCM, we work hard to build strategic partnerships with best-in-class software and service companies that work with us to bring even more value to our customers.

FY19%20%7C%20Q1%20%7C%20GDPR%20Morae%20%7C%20500%20x%20378Morae Global is one of those strategic partners. They’re an integrated solution provider for the legal and compliance function around the world.

And as an advisory organization dedicated to supporting General Counsel, Chief Compliance Officers and others with Legal and Compliance responsibilities, they’ve been very busy with customers helping them to prepare for GDPR.

I sat down with James Ewing, Senior Managing Director at Morae, to gain perspective on how they’re helping their customers prepare for the GDPR.

How are you helping your customers prepare for GDPR?

James: Our customers and their outside counsel typically have a very good understanding of the legal requirements facing the company, and GDPR is no different. Where we come in is helping to turn those requirements into actionable steps to take in order to achieve compliance. With GDPR, which is wide-ranging and complex, the steps range from helping our customers efficiently develop a record of processing activities, to designing system remediation strategies, and efficient approaches to ensuring vendor compliance, along with training and awareness for employees. Our value-add is in simplifying the complex.

What resources have you found particularly helpful in preparing for GDPR?

James: There is no lack of quality resources out there. Law firms and consulting firms are putting out useful guidelines and checklists. Following the WP29 guidance is critical as most already know. I have also found some of the paid privacy information services to be very valuable, especially in looking for useful templates and best practice examples, plus the ability to research issues within certain markets.

If you were to give one piece of advice regarding GDPR what would it be?

James: I actually have three pieces of advice.

First, prioritize. Although you are working toward full compliance, you need to spend time up front prioritizing to ensure that you are dealing with your biggest gaps and riskiest issue first. Otherwise, you will quickly become overwhelmed with all that needs to be done.

Second, don’t forget that a key component of GDPR is the need to be able to “prove it”. You need to be documenting how you are achieving compliance, and then preparing in advance for audits of the program and due diligence of your vendors post-May.

Finally, it is difficult to do this alone - look for help. There are a number of great partners out there, from law firms with exceptional expertise in this area to technology vendors that are continuously developing new tools to help ease the compliance process.

Read SpringCM's comprehensive GDPR Overview.

The Road to GDPR Compliance

SpringCM and Morae Global share a commitment to helping our customers prepare for the looming GDPR deadline.

Here at SpringCM, we’ve developed a number of resources to help our customers on their road to GDPR compliance (all categorized below). 

Blog Posts:



  • Securing Privacy: Understanding the Impact of GDPR A whitepaper that provides a clear understanding of the regulations, including challenges, citizen's rights, and the current state of privacy. After reading this whitepaper, you’ll understand how to analyze how compliant your company is today vs. where you need to be.

As you prepare, it's important to note that this post doesn't serve as legal advice. If you'd like guidance on your company's specific circumstances, please consult your legal counsel.


Subscribe to Our Blog