The effect of GDPR on any organisation which handles personal data is significant. It impacts across a business from strategic decision making and governance through to marketing and customer communications.
Complying with the Data Protection Act 2018, which implemented the GDPR, is an ongoing responsibility and one which many firms are finding challenging.
We have supported, and are continuing to support, companies which have been struggling to implement GDPR and are concerned about the implications for their business of breaches – however unintentional.
Ongoing support and advice
We provide a range of support including:
Initial and refresher training
We offer training for both decision makers and operational staff. We will provide clarity about what responsibilities look like for senior staff and how these should be allocated and managed and take operational staff through the day to day activities which are impacted by GDPR, providing practical advice and guidance relevant to their roles.
Data mapping review
If you have concerns about how robust your data mapping processes have been we can provide advice and support, taking you through key questions such as:
- • What data do you gather, hold and process?
• How much are special categories of data (formerly ‘sensitive data’)?
• Who accesses it and in what locations?
• Where and how is it held?
• What do you use it for?
• Where did it come from and what permissions do you have to use it?
• How recent is it and how accurate
We have developed a GDPR toolkit for firms to tailor to their own processes. The toolkit covers essential items such as:
- • DPA Policy plus supporting processes and registers for each of the following:
‒ Right of access
‒ Right to rectification
‒ Right to erasure
‒ Right to restriction of processing
‒ Right to object
• Client privacy notice
• Template marketing consent
• Template just in time notice
We are undertaking post-implementation assessments for firms looking for an independent view of their data arrangements. We will conduct a review visit to check that the processes you have in place are sufficient to meet the requirements and obligations of GDPR and offer recommendations where we feel arrangements may need strengthening.
Complying with the Data Protection Act 2018 is an on-going requirement; if you have concerns that your firm may not be as compliant at you would like or you simply want an independent review of your arrangements for peace of mind, please contact us and we can discuss what support is best suited to your business needs.
For more information about our services or to discuss how we can support your business to comply with GDPR please contact us on 020 7436 0630 or email: firstname.lastname@example.org.