(“The Fort Privacy Framework” or “GDPR Compliance Framework”)


A few months ago a friend of ours who is doing a doctorate in the area of Data Protection – and yes, there is such a thing and yes his area of research is very interesting – came across an academic paper analysing maturity model framework methodologies for GDPR Compliance (DATA PROTECTION MATURITY: AN ANALYSIS OF METHODOLOGICAL TOOLS AND FRAMEWORKS by Tamás Laposa and Gáspár Frivaldszky).

We were pretty pleased to find that they had included the Fort Privacy Framework. However, we were a bit dismayed to find that the authors identified gaps in our framework – pretty basic gaps also. And gaps which actually don’t exist – the problem was they couldn’t find the information to verify that the Fort Privacy Framework actually addressed the specific topics. In the absence of evidence, they assumed it didn’t.

We know, because we have tested it, that our Framework maps to the GDPR and covers everything that an organisation needs to address for compliance. It was one of the basic requirements we set out for the Framework on day one.

What we haven’t done before now is set this out in detail and make it all publicly available.

After a lot of very hard work, we finally have our own Framework whitepaper.

This is not an academic whitepaper because we wanted to document something that any business who is using the Fort Privacy Framework or wants to use the framework can pick-up and use. We see this as our first release of a Framework that will be maintained and updated regularly.

After all, our understanding of GDPR is maturing, our GDPR compliance activities aren’t static and most importantly we are learning from doing. Everything we learn from working with our own clients day-in day-out on Framework implementation gets reflected back into our Framework in some shape. That may be new templates or updates to existing templates, new GDPR audit questions or improving our GDPR audit methodology. In the next few years we expect to figure out how our Framework will support organisations who are on a GDPR Certification journey (we are confident it will be a terrific help).

The Fort Privacy Maturity Model Framework was a (hard) labour of love to start with but as we realised just how powerful the Framework really is it inveigled its way into every aspect of our business – now we simply could not deliver without it.

We hope you try it out. With or without our support it will help you in your GDPR compliance journey. Just remember to give us the credit.

The Fort Privacy Maturity Model Framework – Not just a pretty picture!

With special thanks to Amy, Daniel and Gemma who not only contributed to this paper, but who contribute to maturing the Framework every day


The Fort Privacy GDPR Compliance Framework

We always say that “compliance is a journey and not a destination”. Think of the Fort Privacy Framework as the map that brings you along that journey.

Fort Privacy processes your personal data in order to respond to your query and provide you with information about our products and services. Please see our Data Protection Statement for further information

Crash, Bang, Wallop! What happens when Artificial Intelligence meets GDPR?

07 March 2024

As a technologist, I am both excited and appalled at the developments in AI and it seems from various surveys that I am not alone. My greatest wish is that we can harness its power for good while dampening its power for misuse. It is early days yet – let’s hope this wish comes true!

The Great 2024 GDPR Quiz!

08 January 2024

Everyone loves a quiz so we decided we would kick-off the new year with a bit of tongue-in-cheek fun.

Have you been naughty or nice this year?

21 December 2023

Continuing the tradition of the Fort Privacy Christmas blog this year we are thinking about Santa and AI. Well, we need to keep these articles topical after all!

Scroll to top