Medical Devices Industry


Client in the process of planning for centralized management of processes as part of global supply chain harmonization. In parallel were planning on SAP rollout and GDPR compliance.

  • Business processes had to be harmonized or maintained as business differentiators.
  • No global communication or synergies were planned.


Layer 8 Security assigned a program manager and data privacy / security SME(s).

  • Identified that business processes and meta-data definitions could be leveraged for GDPR.
  • Combined projects into global program.
  • Kicked off new program with workshop.


Layer 8 Security managed the end to end program

  • The client saved time and money through the combination of 2 projects
  • The governance structure for both data & process ownership and data privacy were set up as one
  • The benefits of a full understanding of the business processes were realized as a result of defining processes and where PII / PHI data was being stored and processed
  • Risks were mitigated that may not have been if the processes were not mapped

Key Success Factors
  • Leveraged understanding of master data and mega-process definitions and harmonization efforts to address 2 major projects in 1 global program.
  • In depth understanding of manufacturing process and global supply chain challenges lead to the ability to combine the identification, assigned ownership and mitigation requirements for GDPR.


Talk with our award-winning team