Data protection compliance
Data protection breaches don’t have to be caused by sophisticated hacks. Often breaches can result from quite simple circumstances, such as leaving a laptop on a train, throwing confidential personal information into a rubbish skip or accidentally disclosing someone’s personal data to a third party.
Not only does the reputation of your organisation suffer in these circumstances but, from 25 May 2018, your organisation could be fined up to €20 million or 4% of global annual turnover, whichever is the greater.
Does your organisation know what it must do to comply with GDPR? For example, have you reviewed your procedures, consents or your data processing agreements? If not, we can audit your organisation for GDPR compliance and advise you of the specific steps your organisation needs to take.
Are you confident that your employees are aware of their data protection obligations? If not, we can provide you with bespoke training focused entirely on your organisation and its needs.
Would your organisation be able to deal with a subject access request? Do you know what information is personal data and what is not, what you have to disclose if you receive a request, and what you must not disclose? If not, we can help and can also handle subject access requests on your behalf. Our advice is not merely theoretical. We have experience of dealing directly with the Information Commissioner’s Office (ICO) regarding subject access requests and are therefore familiar with the approach that must be taken to make the ICO aware that your organisation has fully complied with its obligations.
Other areas where we can help with your data protection compliance include:
- preparation of data protection policies
- advising in relation to marketing and databases
- preparing data processing agreements
- writing privacy policies
- dealing with the transfer of personal data outside or into the EU