Compliance & Regulation Consultancy

Core to our Compliance & Regulation offering in helping our clients with the GDPR is our Policy & Procedure review and update service. 

Following on from the initial data mapping exercise our consultant will look to review and update the policies & procedures required for compliance:

• Undertake a review of current data protection policies in place.
• Update your data protection policy in accordance with the requirements of GDPR, setting out your lawful processing criteria, consent management, subject access requests, data security breaches, retention of records etc.
• Prepare Privacy Policy for website, privacy statements for employees, update application form online, and add email signature disclaimers.
• Review current security and IT practices & procedures.
• Identify and implement measure to satisfy privacy by design.

Deliverables

An initial set of policies to ensure compliance with regulation.

• Data Protection and Record Retention & Destruction Policy
• IT Usage Policy & IT updates
• Employee privacy notice
• Privacy policy for website

To ensure GDPR compliance, companies must understand how and where vendors and processors manage client/customer personal data.

Our offering:

• Identify third party vendors and processors and compile a master list.
• Conduct an audit of vendors and processors and determine what measures they have in place to satisfy privacy by design.
• Review existing vendor and processors contracts for GDPR compliance.
• Assess and manage risks posed by vendors and processors.
• Draft data processing agreements (DPA) and necessary addendums for vendors and processors to sign.

Deliverables:

• Supplier GDPR Readiness Questionnaire
• Master list of vendors/processors
• Risk register
• Signed DPAs with vendors and processors
• Service Agreements amended in line with GDPR

The Intuity GDPR Awareness Training will help guide your team on your business’ road towards compliance. We understand change can be difficult and we can assist you with the implementation of new practices and procedures. Our GDPR Training programme is designed to help the team with responsibilities for collecting and processing personal information.

The Course

Our half-day workshop is designed to equip your employees with the skills and knowledge they need to identify visible privacy risks and be GDPR aware.

Having conducted an analysis of your policies and procedures and having identified key changes to satisfy privacy by design and default we can then tailor our GDPR Awareness course to your specific business needs, including a Q&A session to address any of your staff’s concerns around GDPR compliance.

Course Objectives

After successfully completing this workshop, staff will understand key GDPR obligations required of businesses today including:

• What is GDPR and what has changed since 1995 Directive?
• Key Obligations Under GDPR
• Key Terms
• Personal Data
• Legal basis for Processing
• Data Processing Agreements
• Sharing Data
• Marketing & GDPR
• Privacy by Design
• Employee responsibilities
• Business Responsibilities
• Data Breach

You Can Choose. . .

Choose from a variety of training formats:

• Innovation House Workshop
• Live Webinar Workshop
• Onsite training for your team

One of the greatest demands of the GDPR  is the requirement for some organisations to have a dedicated Data Protection Officer in place. Many businesses simply cannot afford this additional cost and our DPO as a Service offering provides the perfect solution for these businesses.

We offer the combined benefits of a shared Data Protection Officer and a virtual Data Protection Officer (v-DPO) so your organisation can reap the benefits of a DPO as required for services such as:

• Data Privacy Impact Assessments
• Data breach management, monitoring, controls and reporting
• Data Risk Management
• Subject Access Request Management – respond to subject access request in line with the GDPR

Our hybrid solution delivers the comfort of both human touch and cutting-edge technical solutions ensuring your business is in the best possible hands.