Data Protection Officers are now mandatory for many organisations under data protection law. Where an organisation wishes to appoint a DPO or privacy consultant, Data Compliant provides a personal, affordable service to organisations without the budget, resource, expertise, or appetite to appoint an internal DPO.
Clients choose how much time and resource is needed. This can be as little as half a day per month, or as many days per week are needed.
Appointing a DPO
Data Compliant begins by helping organisations assess the need for a mandatory – or voluntary – DPO. Where a DPO is needed, our DPOs will help you address your data protection obligations without distracting your core team from their daily business activities. Individual DPOs specialise in specific business and industry sectors. Clients also benefit from the shared knowledge and experience of the full DPO and consultancy team.
For more information about DPOs, have a look at these videos which explains what is a DPO, why a DPO is needed, what a DPO does, the skill sets needed, and so on.
DPO Role
Our DPOs are all compliance and subject matter experts covering a range of business sectors. The DPO’s role is to:
- Help you interpret all data protection legislation
- Establish how it affects your business
- Advise your senior officers how to achieve strategic goals compliantly
- Determine governance, compliance and security measures needed
- Embed data protection throughout your organisation
Key Deliverables from DPO-as-a-Service
- Monitor and advise on data compliance and security requirements (GDPR, DPA 2018, PECR and e-Privacy)
- Provide updates on ongoing developments and changes in the regulations
- Provide awareness and training throughout the organisation
- Provide updates on regulatory developments
- Guidance with personal data systems and processes
- Enterprise-wide awareness and training
- Liaison with Supervisory Authorities
- Assist with Subject Access Requests and other data subject rights
- Guidance in development and embedding of Information Security Management System policies and procedures
- Guidance with record-keeping and risk registers
- Ongoing risk assessment and risk management
- Guidance on Fair processing statements, T&Cs, Privacy & Cookie policies
- Data sharing / data processor agreements
- Assistance in developing processes around data privacy by design and default (Data privacy impact assessments; legitimate interests assessments and similar)
- Support businesses in events such as data breach, ICO investigations, subject access requests, or data subject complaints
To chat about your needs, email dc@datacompliant.co.uk or call 01787 277742