We can act as your Data Protection advice and support service - either as your formal 'Data Protection Officer (DPO)' or as simply a lead on all Data Protection and Information Governance issues to support internal services.
From compliance with legal standards and expectations through to sector specific codes and best practice, we can support your organisation through advice and assurance services. We can provide advice and assurance on any of the following areas and work with you to tailor the service to meet your specific needs.
Our DP Advice and Assurance service can work with you on a range of DP related topics. Some examples of the sorts of things we have helped with before include;
Advice:
Assurance:
either as part of proactive advice or assurance, we can work with you to advise on a number of marketing practices, including:
If you are looking to install new CCTV and/or monitoring equipment, or looking to review current technologies and controls, we can review to provide advice and guidance on any actions to meet statutory and best practice standards. This includes static cameras, dashcams, body worn cameras and other similar technologies.
In addition this can be combined with a review of internal employee controls where any of the surveillance relates to monitoring of employees to ensure compliance with HR & Data Protection requirements.
AI based tools present opportunities for businesses, at the same time presenting threats to your personal and commercially sensitive information. Governing and managing the use of them can present challenges in of themselves. As part of some advice or a review of controls, we can give you advice and assurance on;
We do not current do the certification and formal audits for IS27001 certification, however we can assist with advice and reviews, including acting as your ongoing internal audit provider for your ISO framework.
Additionally we support clients in the management of the framework and assist in their journey to go for and sustain certification with ISO27001.
We have worked with a number of clients to assist them in their NHS DSPT submissions and management. This includes working on specific elements of the toolkit through to management of the annual submission and compliance workplan throughout the year.
From support on handling complex requests or your implementation of FOI related controls through to conducting a full compliance audit, including with any codes of practice. This includes the Freedom of Information Act (England and Wales) the Freedom of Information (Scotland) Act and the Isle of Man Freedom of Information Act.
We can support your organisations needs when it comes to your Information & Records Management framework. A key element of any GDPR/FOI/InfoSec framework we can work with you on advising the best approach and development of controls through to reviewing current controls and highlighting areas of improvement or weakness. This includes;