GDPR

• Initial 2-hour meeting including legal overview advice from The Legal Partners on GDPR issues specific to your business.
• Guidance on producing your data map.
• Introductory technical overview of software requirements and how Data Protection Impact Assessments will help you to show Compliance.
• Access to pre-booked legal telephone follow-up (20 minutes slots available) to assist with GDPR compliance next steps.

Special package price of £1850 pre VAT

Once the data map is complete, a PIA review is needed to look at the relative strengths and weaknesses within the organization and highlight the shortcomings. The result is a defined action plan to rectify these issues, which may include upgrading software, defining or redefining procedures or staff training. Each organization will have distinct needs, so we would need to have an on-site meeting to determine a budget, prices, resources and a time-line.

Many organizations, often with legacy software, will be sitting on a massive amount of information going back years or even decades. As part of the implementation of GDPR, organisations need to show a commitment to data minimization. That means information would need to be extracted, analysed, cleansed and then brought back into the database or another solution. We have specialists who know how to access the database table and isolate records that no longer meet the needs of the organization. This is bespoke work, so an inspection of what’s involved would be required before a budget can be agreed.

Putting your system through its paces is a good way to see if there are any weaknesses in your cyber security. We have professional “hackers” who will attempt to break into your network, website and remote devices and will provide a detailed report to your IT department. It’s important that this process should be done by a 3rd party to keep true independence, but also your existing IT provider may be too close to the system and a second pair of eyes can pick up on something they might miss.

We encourage each client to take ownership of the project as they will know the ins and outs of their organization better than we will. What we will do is make sure our legal team can provide oversight and advice, looking over policies and procedures and helping to design and conduct training programs to facilitate your GDPR training programme.

GDPR is an on-going process as organizations continue to evolve and progress towards data Compliance. The ICO doesn’t want to see a one-off, tick box exercise, but a business community evolving to meet new challenges. As part of this, we are offering a 6-monthly review to make sure that organisations are still on track or whether anything needs modifying as situations may have changed or not may not have been fully understood at the start. We also offer remote DPOs for organisations that have specific categories of data but are not of sufficient size to justify the expense of hiring one on their own. This will mean that organizations can still access specialised skills at an acceptable cost.