GDPR Consultancy & Advice
GDPR is designed with today’s technology in mind. It brings data protection regulation into the 21st century and strengthens the privacy rights of EU citizens, giving them more control.
Our GDPR consultancy service is designed to help you, as a data controller, assess your high-level compliance with data protection legislation under the General Data Protection Regulation, including the new rights of individuals, handling subject access requests, consent, data breaches, and designating a data protection officer.
Over the last few years, a number of potential and actual security breaches have been reported. When these are reported and investigated by the Information Commissioner’s Office (ICO), their first port of call is to check on the governance arrangements for information security, including whether an organisation has a Senior Information Risk Owner (SIRO) and/or Data Protection Officer.
The magnitude of fines has increased dramatically, and they can be up to 4% of global turnover.
If you have an information security question or would like to hear from one of our consultants, please contact us now.
Our GDPR Services
In the information security and data protection arena, our GDPR services cover both training and assessment:
- GDPR Readiness Assessment and Gap Analysis
- Data Protection Impact Assessments (DPIA)
- Data mapping and classification
- GDPR controls assessment and attestation
- Data protection and information security onboarding
We provide:
- Data Protection Compliance Audits – assessments so your organisation can identify and focus on critical, high risk or weak areas of your personal management system
- Data Protection Impact Assessments
- Assistance to management in formulating policies and good practice
- Staff training and awareness programmes
We have provided guidance and auditing on some of the most sensitive personal databases held by the security agencies in the UK.
Benefits of GDPR Compliance
- Following personal data breaches, many organisations have signed a formal undertaking to the ICO related to personal data losses, which the Commissioner, and in some cases the media, then publish
- Have technical measures in place to mitigate the risk
- Have policies and procedures to dictate how these should be used
- Provide training and awareness to staff to remind them of their responsibilities
- Provide the ICO with evidence that data protection is given significant importance within the organisation