Tailored GDPR support for your business

Having helped many of our clients with their GDPR compliance objectives, our focus going forward has been to provide ongoing GDPR support services that will build upon those initial implementation projects and help maintain and improve compliance.

Challenges of meeting new requirements

For many organisations, the challenge of meeting the new data protection requirements has been quite substantial.

Despite all the hard work, there are still concerns regarding the maturity of many of those compliance programmes that were rapidly implemented.

There are also concerns that the urgency to implement GDPR changes left little opportunity to align policies and controls with existing management systems – such as ISO 27001 which would help with maintaining and improving compliance.

And of course, there’s Brexit. With the UK now classed as a “third country” under GDPR, this brings additional considerations, including (but not limited to):

International data transfers to the UK are not be covered by an adequacy decision, so EU Data Controllers must ensure appropriate data protection clauses are in place with UK Processors
Appointment of an EU representative within the EEA
Reviewing privacy notices to reflect changes to statements regarding international transfers and to identify EU/UK Representatives
Reviewing the Records of Processing (RoP) to reflect changes regarding international transfers
Reviewing (and potentially amending) existing Data Protection Impact Assessments (DPIAs) in light of the changes

Tailored GDPR support for your business

Compliance is not a milestone; it’s an ongoing obligation to ensure that requirements are continuously met.

We are experienced GDPR experts, providing services internationally.

We can tailor our GDPR services to your individual needs in meeting all (or some) of these challenges. This includes, assessing your current GDPR compliance position, implementing a data compliance framework, integrating GDPR into your existing management systems, undertaking GDPR and/or information security audits, or testing the maturity of your data breach incident response plans.

Our GDPR services

GDPR Gap Analysis
GDPR Auditing (which can be integrated with Company’s existing audit plans e.g. ISO 27001)
Development, issue and review of Supplier (Processor) Security Questionnaires and Supplier (Processor) Auditing
Support with development of Records of Processing
Support with Data Protection Impact Assessments (DPIAs)
BS 10012 (Personal Information Management) Certification
General Data Protection Consultancy
Support with GDPR & Data Protection Training
Support with development of Privacy Notices/Statements
Development and/or integration of data protection and information security related policies and procedures (e.g. DP Overview, Subject Access Requests, DPIA Procedure, Risk Assessment, Incident response etc)
Support with Legitimate Interest Assessments (LIAs)
Support with Data Breach Incident Response Testing
Information Security Auditing