Data Protection Accountability

Highly qualified and motivated data protection professionals

Much of data protection law is about risk assessment, identification and mitigation. Data Compliant helps you meet the Accountability requirements of GDPR, DPA and proposed DUA. These include leadership and oversight; policies and procedures; training and awareness; meeting individuals' rights; ensuring transparency around your processing; the requirement to keep and maintain records of processing activities (data mapping); ensuring you have appropriate contracts and data sharing agreements; conducting Data Protection Impact Assessments; managing your records and security; and how you respond to and manage any data breaches.

Data Compliant's Accountability Services

Data Compliant helps clients work to meet the law's accountability requirements, in a way that is simple, concise, and tailored to the size, scale and scope of your business.  The first step is to determine in which areas of Accountability you need us to help.  These are generally driven by you, or identified by Data Compliant during a healthcheck or audit.

RoPA (Records of Processing Activity - Data Mapping)

We help clients understand what data mapping is, why it matters, and how it helps you with your everyday working practices. We work with the relevant people in your teams to help put formal data mapping flows in place, from source to processing to retention schedules. Then we work with you to set a process by which the RoPA can be actively maintained.

Data Protection Impact Assessments (DPIAs)

We help you understand what a DPIA is, what its benefits are, how to establish when or whether you actually need to conduct a DPIA, what information should be included within it, who should be consulted, and how to assess the risks associated with the processing. We then work with you to provide insights into how you might mitigate those risks.

Data Breach Management - Response and Evaluation

We help you identify what a data breach is, and evaluate its severity. We help you determine whether it is reportable, and if so, to whom. We help you do so in as simple and positive a manner as is possible. We also help you develop your policy and processes for doing so, and devise strategies for you to contact data subjects through appropriate channels.

Data Governance Oversight and Leadership

We work with our clients to ensure that you have in place a data governance framework and supporting processes to help you embed data protection throughout the whole organisation. As part of this task we consider how you might want to incorporate data protection operational roles and oversight groups into your governance structure. As part of this process, we help you assess whether or not you are obliged to (or might choose to) appoint a Data Protection Officer (DPO). 

Supplier and Client Due Diligence

As data controller, you remain responsible for the suppliers and vendors you choose to appoint as your data processors.  As data processor you need to satisfy yourselves that your clients are operating within the data protection legislation.  We help you understand the appropriate levels of due diligence checks / compliance reviews you need to undertake to protect yourselves by checking that your chosen providers - or even your clients - are meeting data protection legal requirements.  

Contracts and Data Processing Agreements

Whether you are a data controller or data processor, you need contracts in place when you are sharing or receiving data from other parties. We help you meet your needs around controller to processor and / or controller to controller data sharing / data processor agreements. We provide information and advice around restricted transfers, including the use of Standard Contractual Clauses and other transfer mechanisms. We assist you in completing Transfer Impact Assessments as needed. We will also advise on the information you require in your data sharing policies and supporting procedures.
