In force since 25 May 2018, the General Data Protection Regulation (GDPR) brings the most sweeping changes the data landscape has seen in 20 years. A greatly enhanced fines regime (up to 4% of global turnover or €20 million), radical changes to consent and the requirement for organisations to be fully accountable requires businesses to address their policies and procedures.
If you are concerned your business is not yet fully compliant, or if you need advice on what your obligations are under the GDPR, our data protection experts can assist.
HOW WE CAN HELP
We strongly advise all businesses to put in place a well-constructed and comprehensive compliance programme to manage the various competing interests and act as an effective risk management tool. It is essential for compliance and to inform employees, customers, vendors, business partners, regulators and the courts of the business’s commitment to data protection.
We offer a three-stage programme designed to help you in putting together this plan and ensuring your business is GDPR compliant:
STAGE 1 - ASSESSMENT
- Initial meeting to assess the impact of GDPR on your business
- We work with you to produce a compliance plan for GDPR
- We carry out a data protection audit
- We produce an audit report based on the results
- We help you to update your GDPR plan in light of the audit report
STAGE 2 - POLICY REVIEW
- We review or produce your standard data processing agreement
- We review agreements with third party suppliers
- We review and comment upon employment contracts and related documents
- We draft and put in place a data breach reporting policy
STAGE 3 - TRAINING
- We provide in-house training and workshops to staff on GDPR and the reporting of breaches
If you would like to discuss the GDPR or its requirements, or would like advice or assistance in producing and implementing a suitable compliance programme, please contact a member of our team. We would be very happy to speak with you on a no-obligation basis to discuss your business’s individual needs.