Our GDPR Services
Our GDPR Compliance Framework can get you compliant within 6 weeks!
With our GDPR Framework using guided self-assessment, document templates, reference materials and support.
With our training, outsourced DPO and other related services.
Make achieving and maintaining compliance simpler with our vetted third-party services
GDPR COMPLIANCE ASSISTANT
The jewel in our GDPR Framework is our GDPR Compliance Assistant. This cloud-based service significantly simplifies achieving GDPR Compliance, taking you through all of the steps you need to take to become compliant through a clear set of instructions and guides.
Our GDPR Compliance Assistant helps you undertake a detailed “GAP Analysis” on your organisation to identify any shortcomings and non-conformities to the new regulations. It will check you have all of the required policies and procedures in place, provide templates and examples where needed, and give you a basis for gathering supporting evidence and documents.
TEMPLATES AND MANUALS
As part of our service, you will receive a set of three folders:
- The Resources Manual contains reference materials, including an indexed, annotated copy of the GDPR document and all Recitals, User Guides and references.
- The Operations Manual will hold your organisation's policies, plans and procedures.
- The Confidential Manual will hold your sensitive documents that relate to data protection within the organisation, and is a place to store hard copies of audits, asset registers, records, contracts, policies and procedures. This will be useful if you need to produce them to an auditor or access them during a systems outage or security incident where electronic copies cannot be accessed.
In addition to the manuals, the Compliance Assistant contains templates for all the documentation that you may need ready to be completed and filed in the manuals.
EXPERT CONSULTANCY AND SUPPORT
In addition to the Compliance Assistant and Folders, our GDPR Framework also includes 4 hours of remote support and consultation to assist you throughout the compliance process.
We begin with an initial 30-minute telephone consultation to explain the key points of the GDPR and how it specifically relates to your organisation, along with a walk-through of our Compliance Assistant and supporting tools we provide, including our custom-built Data-Flow Mapping tool. The remaining time can be used on an ad-hoc basis for general advice and guidance – be that on data mapping, international transfers, the legal basis of processing, or anything else covered by the GDPR.
In addition to the GDPR Compliance Assistant and remote consultation, we can also provide an onsite auditor or consultant if and when required for a fixed daily fee. If you would like to discuss this option further or would like a quote for an onsite-led audit / GAP Analysis then please use our contact form (left).
According to ICO data, 87% of incidents reported to them in Q2 2017 were caused by human error and not malicious activity. If you don’t want to be one of those reporting an embarrassing and easily avoidable breach it is important to ensure all personnel handling sensitive data know how to handle data and what they can do to manage the risks and threats. Cyber Security Best-Practice is also to ensure all staff undergo awareness training to minimise risk.
Our Awareness Training programs provide the following:
- Quality content written by industry experts.
- Trackable, traceable training with reporting.
- Assesses understanding and offers tailored modules based on results.
- Training on the go – Flexible delivery via email and SMS.
- Modules are bite-sized and can be viewed on tablets, laptops and smartphones.
DATA PROTECTION OFFICER (DPO) BY PROXY
In the GDPR there are certain conditions where you need a Data Protection Officer (DPO). For example you must appoint a DPO if you:
- Are a public authority (except for courts acting in their judicial capacity).
- Carry out large scale processing of special categories of data or data relating to criminal convictions and offences.
- Carry out large scale systematic monitoring of individuals (for example CCTV, online behaviour tracking (cookies)).
The DPO’s minimum tasks are:
- To inform and advise the organisation and its employees about their obligations to comply with the GDPR and other data protection laws.
- To monitor compliance with the GDPR and other data protection laws, including managing internal data protection activities, advising on data protection impact assessments, training staff and conducting internal audits.
- To be the first point of contact for supervisory authorities and for individuals whose data is processed (employees, customers etc).
Regardless of whether the GDPR obliges you to appoint a DPO, you must ensure that your organisation has sufficient staff and skills to discharge your obligations under the GDPR. Having an appointed DPO is beneficial to the majority of organisations, however having a dedicated internal DPO resource can be cost-prohibitive.
It is for this reason that we offer an out-sourced DPO Service for organisations who can’t justify the cost of an internal DPO. If you would like to find out more about our DPO-by-Proxy service please book a 15 minute consultation with one of our experts.
Cyber Wardens are members of staff (internal or outsourced) that perform periodic checks on an ongoing basis (e.g. monthly) to ensure cyber security procedures and policies are being adhered to and that compliance with various regulations (e.g. GDPR) is being maintained.
Our cost-effective monthly Cyber Warden service provides organisations with the “checks and balances” required to uphold security policies and operational procedures, and to maintain GDPR compliance.
The Cyber Warden service includes, but is not limited to:
- Confirming & evidencing Back-Up & Recovery procedures are being followed.
- Checking Leavers/Joiners Policy is being adhered to by HR and IT departments.
- Ensuring Policy changes are communicated to and understood by affected individuals.
If you would like any further details or to discuss your requirements please contact us.
In order to achieve and maintain GDPR compliance, your organisation may need additional services to help address issues identified in the GAP Analysis and/or fix non-conformities with the regulation. We have vetted and approved partners that can help provide the following:
- Cyber insurance.
- Human Resources management services.
- Legal Services.
- Cyber Security services including Vulnerability Assessments, Penetration Testing, Encryption, Identity Management and Anti-Virus.
NEED TO KNOW MORE?
Book your 15 minute consultation and speak to one of our experts who can evaluate your needs, and answer any queries you may have regarding the GDPR.
READY TO GO?
GDPR123 COMPLIANCE FRAMEWORK
Cloud-based “GDPR Compliance Assistant” Software
Fully Annotated Regulation Documents
Over 80 Policies, Procedures, Plans and Registers
Data Flow Mapping Tools
Set of Physical Folders and Manuals for reference and record keeping
Support and Guidance from your own team of GDPR experts
We provide everything you’ll need to both achieve and maintain compliance!
All prices shown are subject to VAT