Expert data protection services for today, tomorrow and into the future
In this modern world of technology and e-commerce, businesses are collecting, controlling and processing huge amounts of data regarding individuals and their personal lives. Personal Identifiable Information (PII) is obviously something we would all like to have complete control of.
Currently, many EU member states and their Supervisory Authorities (SA) have conflicting rules and procedures, which at times can leave the individual data subject and their personal information open to a world of potential exposure and criminal activity.
On the 25th May 2018, the EU will be enforcing the EU General Data Protection Regulation (EU GDPR), which aims to harmonise the member states and how they process personal data. This will be enforced on anybody dealing with personal identifiable information of any data subject living in any of the EU member state countries.
The EU GDPR will be replacing the Data Protection Act 1998, which is currently in place in the UK. It is essential that businesses understand the changes to maintain their data protection obligations and to avoid the significant consequences of non-compliance.
All private and public sectors will be obligated to adhere to this new regulation. The Retail, Health and Education sectors, to name a few, will need to ensure that new data subject rights are communicated and that their Personal Identifiable Information (PII) is controlled and processed in accordance with this new regulation and its procedures.
Our consultants are fully trained in offering EU GDPR consultation and training. As members of the International Association of Privacy Professionals (IAPP), we ensure that our commitment to the protection of data is passed on to our clients, which will give you confidence in compliance with the new regulation.
Organisational Readiness Assessment
Our consultants are armed with the latest knowledge and tools to help you assess your current policy and procedures and propose an effective action plan going forward.
We can provide you with expert gap analysis so that an effective plan will ensure future compliance once the new regulation is being enforced.
Data Protection Impact Assessment (DPIA)
It is inevitable that, with this new regulation being introduced in May 2018, organisations will have to amend and introduce new procedures. One of the new principles of the EU GDPR is that organisations must adopt a “Privacy by Design and Default” attitude to their data protection. This is also something we can help with by conducting fit-for-purpose Data Protection Impact Assessments (DPIA) on processes which are new to your operation.
Staff Awareness Training
The new regulation will put added pressures on data controllers, whilst at the same time making data processors more culpable for their actions regarding personal information. This is something we can address with bespoke EU GDPR staff training. It is well documented that data breaches are mostly down to human error due to lack of data privacy understanding. Our awareness training can be directed at the complete workforce, from front-of-house staff to managers and directors.
Data Protection Officer (DPO) Service
Unlike under the existing Data Protection Act, some organisations will have to appoint a DPO under the EU GDPR. It is also advised that, although some organisations will not be obliged to appoint a DPO, it will be good practice to do so. This will be a full-time commitment and additional pressure on an employee’s normal day-to-day routine. We can offer this service in a bespoke manner which will completely take this burden away from the organisation and give you complete peace of mind that your EU GDPR obligations are being addressed and maintained.