Need a confidential Chat?
If you need to discuss your needs discretely, please don’t hesitate to arrange a chat with one of our advisors, who will discuss your needs in complete confidence.
Signed NDA’s can be arranged if necessary!
The General Data Protection Regulation (GDPR), which came into effect in May 2018, is the primary regulation in Europe governing the processing of Personal Data, also referred to as Personally Identifiable Information (PII). The GDPR is a lengthy legal text, but ultimately it sets out seven key principles.
An effective method to ensure you are compliant with your data protection policies and procedures is to complete regular Compliance Assessments.
We will complete these assessments in two parts, the first being a review of your documentation; policies, procedures, registers, and records.
Once the assessment is complete, we will deliver a comprehensive report highlighting areas for concern and proposed actions for addressing these areas.
All organisations require a minimum amount of documentation to ensure compliance with data protection regulations. We can help you prepare and improve your documentation to ensure compliance in an efficient but effective manner.
We will help you with
– Personal Data Mapping
– Article 30 Compliant Data Processing Register Development
– Data Protection Policy Development
– Procedure Generation & Implementation
– Data Processing Agreements
Under the GDPR, certain organisations are required to appoint a designated Data Protection Officer (DPO). Organisations are also required to publish the details of their DPO and provide these details to their national supervisory authority.
An organisation is required to appoint a designated data protection officer where:
– the processing is carried out by a public authority or body;
– the core activities of the controller or the processor consist of processing operations, which require regular and systematic monitoring of data subjects on a large scale; or
– the core activities of the controller or the processor consist of processing on a large scale of special categories of data or personal data relating to criminal convictions and offences.
We offer DPO as an outsourced service, often called DPOaaS. You get the benefit of a competent DPO, who has the support of our wider team, delivering data protection compliance but with all our expertise in information and cyber security bringing additional efficiencies.
If you have in house personnel acting as your DPO, we can offer support services, designed specifically for your needs.
Under the General Data Protection Regulation (GDPR), controllers need to undertake a Data Protection Impact Assessment (DPIA) for any processing that is ‘likely to result in a high risk to individuals’, including some specified types of processing. A DPIA describes a process designed to identify risks arising out of the processing of personal data and to minimise these risks as far and as early as possible. DPIAs are important tools for negating risk, and for demonstrating compliance with the GDPR.
We can help you efficiently complete your DPIAs as and when the need arises. We can then advise on actions required to mitigate risks in line with the requirements, that ensure compliance whilst delivering operational efficiencies.
The full text of the General Data Protection Regulation is available here: https://eur-lex.europa.eu/
The Irish Data Protection Commissioners website has a wide range of resources for businesses to help them comply with the requirements of GDPR.
While certification to this standard does not officially guarantee compliance with all requirements of the GDPR, it is a very good framework to help an organisation design and operate your data protection compliance systems that can enable GDPR compliance.