If you’re still not sure you’re up-to-date and prepared for your responsibilities under the General Data Protection Regulation 2016/679 and Data Protection Act 2018 we can help you.
We have already helped e-commerce companies, SME’s and startups unpick what the regulations mean specifically for their business and develop and implement successful action plans to help them reach compliance.
We offer support in the following areas:
- Defining personal and special category data
- Handeling personal and special category data
- Information Assets & Record of processing
- Contract review
- Breach Notification
- Legal Basis for processing
- Privacy Notices
- Data Protection Impact Assessment
- Data retention and destruction
- Data Subjects Rights
- Breach Notification
- Information Security Policies
- Industry and role specific training
- Outsourced Data Protection Officer
If you need or want to elect a Data Protection Officer, but either don’t hold those skills internally or don’t need a permanent staff member, outsourcing the role is a cost effective solution.
We can provide your Leadership Team with the advice and support you need to comply with relevant privacy regulations and legislation; to inform and uphold the rights of data subjects and ensure an appropriate risk-based system of controls over all personal data processed by the business.
As outsourced service provider, we remain independent and free from internal conflicts of interest.
This is a wide ranging service that includes:
- Registering as DPO for your organisation
- Acting as first point of contact for supervisory authorities and for individuals
- Informing/advising you on your obligations under the GDPR and other data protection laws
- Monitoring compliance under the GDPR and other data protection laws
- Implementing internal data protection activities
- Implementing data protection policies
- Implementing breach notification processes
- Implementing process to respond to the rights of data subjects
- Developing Data Protection Impact Assessments and processes
- Developing processes for maintaining recording personal information processing activities
- Developing processes for logging of any data protection incidents
- Preparation for privacy/information security certification, accreditation and audit
- Advising on when and how to carry out automated testing or manual security testing
As experienced information security standards and policy writers we can review your current information security policies, or help you develop new ones.
We have already developed internal policies for a number of companies to help them underpin how they mange their data protection and information security requirements.
We can develop and review polices governing:
- Privacy (both notices and policies)
- Data protection
- Information and Network Security
- Data Subject Rights
- Handling personal and special category data
- Safe File Transfer Protocols
- Internal and External Breach Notification
- How to record processing activities
- Data minimisation and user access restriction
- Data retention and deletion
If you’re making changes to your services or software we can help you. As subject matter experts and experienced project and programme mangers we can help you define and develop a change programme and help you manage and control that change.
We can advise on:
- Web application change and development
- Mobile application change and development
- Back end change and development
- Cookie controls
- Back of house support (eg HR and Finance)