Data Protection Services for Business

Personal Data Breach

Personal Data Breaches will happen, we are all busy and sometimes we just make a mistake.  Press send on an email containing a spreadhseet of personal and sensitive data that goes to the wrong person or group of people and 'boom'  - you need to act quickly to diffuse the situation.

It is how you deal with data breaches that matters.  We provide support, advice, guidance, damage control, reporting and investigation services, right when you need it.

Subject Access Request (SAR)

Subject access requests can be time consuming, overwhelming, vexatious and emotional.  What do you release, what should you not release.  What forms of ID do you need to collect from the requestor?  Is it contentious, is it vexatious, does it form part of an ongoing investigation?

We provide real-time help and support with SAR's, taking away the uncertainty and sensitivity,  we unravel and deal with all of the above so that you don't have to.

GDPR Training

Yes, you really should do this, and while you are at it, you need to make it interesting and relevant to your audience.  It has to mean something to the individual and their day to day role.

Or you could just ask us to do it for you and say no to dull, boring and irrelevant training just because you need to tick the compliance box.

Data Protection Impact Assessment (DPIA)

The DPIA is an important document that may be required when you acquire new software or platforms, implement new ways of processing and sharing data both internally or with third parties.

The DPIA is a very specific document, and if you know that you need one, then you know how important they are.

They are living documents that contain key information for your IT teams, your administrators and your project leads within the organisation.

They are also complicated to write in a way that everybody understands them and their individual responsibilities within the DPIA for the data being processed.  They are rarely done well.

We do them well, and you will love them.

GDPR Compliance Audit

One of the key questions asked by businesses and their stakeholders is "are we compliant?" and "how do we know if we are doing it right?".

Those are the questions that we can answer for you with our GDPR Compliance Audit. The audit is a deep dive into all areas of compliance that your organisation should be either working towards or have in place. The audit will provide a detailed RAG rated report highlighting the areas you are doing well, those areas which may need more work, and those areas that you might need support with. 

This is not a self-service audit, we visit and take you through every section of the audit, evidencing current processes, procedures and documentation, followed by recommendations and presentations to the relevant stakeholders if required. Don’t hesitate to contact us if you would like to know more.

Retention & Destruction of Data

Businesses create, store and process huge amounts of personal and sensitive (special category) data on customers, partners, suppliers and employees, and in most cases will “keep it just in case you might need it”.

This results in several issues from storage space for both hard copy and electronic data to not adhering to your retention and destruction schedule against set retention periods.

How many times has the stationary cupboard become an accidental storage room for all those customer files that no-one is quite sure what to do with.

We can advise, create and implement a relevant retention schedule, and train your teams on how to apply the schedule and complete the appropriate paperwork, or we can do the job for you. If you are considering what to do with the vast amount of data that you hold, get in touch and we can talk through the best options.