Services
Discover our services
Explore Discover new data and digital opportunities, prove their value, and unlock your business potential.
Strategy Map out technology-driven strategies to forge your data-driven and digital-first future vision.
Transform Build strong data and digital foundations, strengthened by ML, AI, data science, and apps, to achieve your goals.
Enable Establish self-service analytics, citizen data science, and low-code/no-code platforms to support your business intelligence.
Our Work
Contact
Case Studies

Eliminating 10 major GDPR risks in just three months for improved compliance.

Our data discovery solution erased or decreased 10 PII data risks from high to low status on the Data Controller Register. Aquila is now considerably more GDPR conscious.
The Challenge
Aquila was responsible for delivering a £1.5bn Ministry of Defence contract to transform military air traffic management across all MOD operated sites.

In March 2018, Aquila knew they needed to prepare for GDPR, but were uncertain what PII risks they had, or what steps they needed to take to ensure they were managing personal data of employees and suppliers correctly.

Our Solution
Aiimi ran a data discovery exercise to determine the level of risk Aquila faced regarding PII, and catalogued these in a risk matrix to develop mitigating actions.

We then worked collaboratively with Aquila’s Information & Security Manager to assign ownership to each risk and create an action plan. Alongside this, we created guidelines to update existing information policies, multi-media communication artefacts to raise staff awareness, an Employee Privacy Statement, and a Data Controller’s Register.

The Results
By the end of the discovery exercise, we found 14 risks classified as “high”.

Over a three-month period, 10 of those were reduced to low risk or removed completely from the register. Aquila now has a library of information policies and registers to support their employees in understanding how they should collect, use, store, and either delete or archive information according to their business classification.

Aquila also now has an Employee Data Privacy statement that outlines its commitment to new employees regarding how their personal data will be treated. Creating these communication artefacts and running workshops with different stakeholders has meant Aquila is much more GDPR conscious.