We understand that every business is different. That is why we also offer bespoke GDPR services tailored to you. Some clients want to utilise our IT knowledge to audit third party processors, while others just want a GAP Analysis.
Our services include the following core elements:
This crucial stage delivers a deep understanding of your data environment and the privacy culture of your organisation.
- GAP Analysis – This involves having a team of key stakeholders and then identifying a high-level picture of your organisations current environment against the expected standards of compliance principles. We guide you through the process and deliver a comprehensive compliance report and business case.
- Project Planning – We help you to put in a place a pragmatic plan, which balances your appetite for risk, budget and available resources across the seven key areas of data governance. This crucial planning stage enables you to set priorities for each stage of your implementation and management journey.
- Data Mapping – To achieve a privacy environment you need to understand what data you have, where the data came from, where that data is stored and who has access to it. This will provide the insight needed to make critical decisions regarding collection, storage, retention and access.
- Data Privacy Impact Assessments (DPIA) – These should be carried out where personal data is at high risk or when changes to your environment are made. By evaluating the measures, safeguards and mechanisms of your systems and making necessary changes before processing personal data, you can significantly lower risk.
This stage takes the information gathered and delivers on the cohesive plan and agreed actions so that you can take your organisation on its data privacy and security journey.
- Framework implementation – A valuable resource that delivers agreed outcomes. You can be sure that you are well on your way through your Data Privacy and security journey, in a clear and methodical manner that includes tangible progress reporting.
- Document Delivery – You need to have policies and supporting documentation that deliver and support your data privacy framework. Our easy to use and comprehensive portfolio of relevant policy documentation can help to manage your organisations data privacy environment, without the headache of starting from scratch.
- Supply Chain Auditing – You take responsibility for the data you hold even though others may be holding or processing that data e.g. using a CRM or an outsourced IT Services company. Do they have the controls and protections that will minimise your risk of data breach? These audits enable you to judge the risk and actions required to safeguard your organisation.
- Business Continuity Planning – Many companies struggle to survive following significant incidents. Instead, implement a comprehensive Business Continuity plan that reduces risk and ensures that roles and responsibilities are clearly defined.
Your organisation needs to maintain, react and respond to various changes internally and externally. For example, legislation and regulation environments are due to change in the coming years and you will need to have plans on how to deal with requests and breaches.
- Auditing – We can provide impartial external validation on your Data Protection Stance by means of a thorough IASME backed audit (based on ISO27001 principles) which allows you to tangibly demonstrate your progress.
- Training – Your staff are crucial to the successful implementation and maintenance of your security framework. Our training packages, in conjunction with our partners, range from basic awareness training to full GDPR preparation training, specifically for the education sector.
- Breach and Request Management – Organisations only have up to 72 hours to report a breach to the ICO and a month to respond to data requests. This critical stage can have a big impact on outcomes and is typically resource intensive, so it is important that you get it right!
- Outsourced DPO – You may need a Data Protection Officer to assist in the ongoing management of your Data Privacy and Security Framework. Our proactive management services ensure you are only a phone call away from advice or assistance. Just like outsourced HR, this tailored service is the most cost effective way to gain the expertise you may need.