Administrative support, regulatory filings, paperwork and data subject communication.
DSAR, DPIA, RDP, DC, policies, procedures - the introduction of the GDPR brings a significant increase in your compliance workload. This means creating and maintaining policies and procedures, and keeping records of the data you process, including why you process it. You have to demonstrate privacy by design, monitor your suppliers and constantly consider how your processing may impact the privacy of your data subjects, including staff and customers.
Do you have the time to keep all your paperwork up to date?
Are you resourced to deal with all your data subject enquiries?
What should you put in a Data Protection Impact Assessment, and when is one required?
Will you maintain your records of data processing and data catalogues yourselves?
Are you registered correctly with the ICO and any other relevant regulator?
Are your privacy policies comprehensive, and are they updated as your processing changes and the law evolves?
Do you have enough resource and expertise to manage a data breach?
We can help
Our assisted compliance service builds on the advice and guidance available from our helpline.
We help you achieve compliance, then maintain it. Our experts will work with you to refine procedures and policies, complete your regulatory paperwork and support you in dealing with regulators and partners. We’ll also assist you in your communication with data subjects to address their concerns and handle their enquiries including subject access requests.
GDPR compliance including the completion of DPIAs, records of data processing, data catalogues and other regulatory paperwork; liaison with the regulator; management of staff and external data subject enquiries and subject access request process.
Threat and risk assessment; supplier and technology selection; breach response; handling staff queries including phishing emails, fraud and penetration attempts; policy and procedure development and drafting assistance.
Advice on the management of IT and information security; tendering and supplier selection; supplier compliance monitoring; whistleblowing helpline; trustee and non-executive queries.
ISO 27001:2013 and Cyber Essentials support including help with non-conformities and advice on audit preparation; PCI-DSS SAQ completion and help with policy and procedure drafting.
How it works
We start by understanding your business and processes. This includes a fixed-price audit visit and a report detailing any actions you need to become compliant.
Once your records and processes are in place, we’ll help you remain up to date. You pay a fixed monthly fee to cover the routine work and deal with the expected level of data subject enquiries, and you get a discount on our standard rates for any extra work you may need as your organisation grows and changes.
We're available to your staff, business partners and the regulator to handle their enquiries on your behalf.
What else do you get?
You also get inclusive access to our helpline so you can call us for advice whenever you need to.
All assisted compliance customers get a discount on other work including document licences, on-site visits and training. You also receive our monthly update newsletter with analysis of changes in regulation and compliance, tips for improving your security and - if you’ve licensed our policy framework - suggested updates to policies and procedures.