From May 2018, new data protection laws (GDPR) will completely change how you deal with consumer data and individual persons’ information.
All businesses providing goods and services to EU residents will be required to conform to the requirements it lays down, or face serious penalties.
We have joined with HEXAD Information Security Services to provide help for organisations, both charities and business, to explain how to become and stay compliant under the new laws.
The service was very informative
The service was very satisfactory and informative and kept me up dated throughout.
We can host a group Workshop on how to best complete a data audit and gap analysis for your business.
We are also able to provide data inventory and gap analysis on an individual basis. This is a one-day session at your premises looking specifically at your data.
We are happy to discuss all aspects of the GDPR with you further whether it be audits, training, consultancy acting as Data Protection Officers, Cyber Essential Accreditations or general advice on compliance.
The new laws are about understanding the technical and organisational requirements of the Regulations, not just having paperwork in place. You need practical solutions to allow your continued compliance and evidence of this in practice.
We can provide these drafted documents which will be licensed to your business.
- Complaints procedure
- Audit checklist for compliance
- Privacy notice
- Risk Register
- Data Register
The documents that the ICO (The Information Commissioner’s Office) will expect to see in place are:
- Data protection policy updated for GDPR compliance
- Training policy
- Information security policy
- Data protection impact assessment procedure
- Retention of records procedure
- Subject access request form and procedure
- Privacy procedure
- International data transfer procedure
- Data portability procedure
Some larger organisations will already have some of these in place but they will need to be updated to comply with GDPR.