-
On-site Session
We come to your premises at a time to suit you.
First, we present an "introduction to the GDPR" providing you with a high-level overview of
what the UK GDPR is all about, how it differs from the original "Data Protection Act" it has superseded, and what it means for businesses.
This can be valuable for any number of staff to sit in on to introduce them to the GDPR, increase their overall
understanding, and improve awareness of their responsibilities when it comes to day-to-day activities.
This is also a great time for you to ask any questions related to your specific business activities or ask us to elaborate
on any particulate point (or requirement) of the GDPR for clarification. We don't run this presentation like a formal
training session but more like a structured collaboration. We are not "on the clock" so there are no time limits meaning
this part of the service essentially becomes a kind of free high-level consultancy session as well as a presentation.
Second, we have a question and answer session which covers all aspects of the GDPR and its requirements.
It includes most areas of general business activity and allows us to gauge your current level of compliance
in all areas of the GDPR. The more information you can provide us here, the more accurate and detailed
your assessment report will be - so having managers / heads of departments / key staff on hand to answer
any relevant questions will help.
This on-site session normally takes about half a day and if your time allows we are
happy to stay a little longer to answer any further specific questions you may have.
1
-
Assessment Report
After our on-site session we come back to base and asses the information we gathered. This is where
we do all the heavy lifting and produce your GDPR Compliance Assessment Report.
The report contains a summary of your overall GDPR compliance in graphical form, and details of how well you fair
in key "real-world" categories such as board & planning, employees & staff, policy & procedure, data processing,
data sharing & transfer and cyber security.
Each category is fully explained, and includes a "Specific Changes" section detailing key changes you should
make to improve your compliance in that area. The report also includes any high-level "quick win" changes
you can make straightaway to boost your compliance, and any high risk areas that need immediate attention.
Finally, the report contains lots of useful reference material including facts and information about the GDPR
and a "jargon buster" detailing key GDPR terminology.
It is an extensive report that can be utilised by departments and key staff, and can be used indefinitely
as a clear, concise reference document for general GDPR information.
2
-
Template Documentation
Having documented procedures for your staff to follow and well-structured policy to notify customers and suppliers, forms the
foundation of any GDPR compliance project. So, alongside the GDPR Compliance Assessment Report we also provide you with key
template documentation vital to demonstrating your compliance with the GDPR (avoiding the costly exercise of starting these from scratch yourself).
You would normally have to pay for these separately but we include them for free as part of our assessment.
Our extensive template document pack includes:
- Data Protection Policy & Procedures
- Information Security Policy
- Data Retention & Erasure Policy
- Data Breach Policy & Procedures
- Subject Access Request Procedures
- Privacy Notice Template
- GDPR Compliance Statement Template
- Notification Letter Template for Existing Processors
- Controller Processor Agreement Template
These documents can either be customised directly to use in your business, or they can be used to
cross-reference your current documentation to ensure it covers all areas under the new GDPR requirements.
3
-
Follow Up
The GDPR Compliance Assessment is perfect as either an introduction / kick-start to GDPR compliance or as
a professional opinion to assess your ongoing compliance efforts, and make sure nothing has been overlooked.
So, to ensure it has achieved one of the above objectives, soon after receiving your report and template
documentation we like to arrange a follow up phone call to discuss them. This is the perfect opportunity
for us to answer any questions you may have for example, further clarification on any of the sections /
categories, or any of our recommendations.
4