There have been number of changes brought about by the GDPR and the DPA 2018 which has meant businesses having to deal with a number of changes or challenges to protect personal data. By adopting some the changes, we can assist your business en route to Data Protection and  GDPR compliance.

1. The GDPR and the Data Protection Act 2018?

 The GDPR stands for the General Data Protection Regulation (“GDPR”), which came into force on 25^th May 2018 along with the data protection principles. There are 8 principles of data protection from processed lawfully to appropriate security of the personal data. Whilst in the United Kingdom Data Protection Act 2018 (“DPA 2018”) which came into force on the same day as the GDPR, creates additional requirements in parallel with the privacy Directive for electronic communications. There has been further changes with Brexit for the UK with updates to these rules.

2. Why is data protection compliance necessary for your business?

Whether your business  deals with a  customer or supplier either at point of contract, personal data breach, data subject rights or as per examples below data protection is going to come up.

2.1 New business or renewals 

No flow downs of the GDPR or DPA 2018 commitments in a customer or supplier contract this will be a risk which should be flagged up.

2.2 Appropriate mechanisms

If your suppliers are processing personal data and this is not clear in the contract and further where this is outside the non-EEA countries without the appropriate adequacy decision or data transfers with for example EU model clause under the regulations this will lead to non-GDPR compliance.

2.3 Categories of processing

Ensure that any customer or supplier agreements has clearly defined personal data categories, subject matter and nature of processing with onward sub-contractors being used to meet Article 28 GDPR and Article 30 GDPR  requirements.

Talk to us if you require further information or need help with data protection or GDPR compliance.

4 Our data protection consultancy service 

The services below are either dealing with a business implementing new and managing any part of an existing data protection risk.

4.1 Implementing data protection service

This consultancy service is for those businesses wishing to comply with the GDPR or DPA 2018. We will consider some of the  following components:

Clarify roles and purpose:  Outline the party’s roles, data controller, data processor, sub-contractors including purpose with record of processing, GDPR data protection officer.

Policy and training: Create, update or annual review of privacy, data protection and security policies relating to data protection with GDPR training.

Data protection contract provision: Standardise GDPR responses to meet regulations. Negotiate any data protection agreements, addendums or data sharing agreements and gain key stakeholder approval.

Respond: Manage personal data breach reporting or investigation, GDPR data subject request responses and to chair audits.

4.2 Ongoing managed data protection Support Service

This consultancy services below are either dealing with business requiring continuous support for some time with data protection risk in addition to any of the above.

Improvements: To existing data processing agreements and existing processing activities.

Risk: Agree remedial plan against any data protection risks on risk register.

Training: Upskill team on the changes and any annual GDPR training.

5.Why you should choose our data protection service? 

Unclear about GDPR focus on minimising risk. We can help you to focus from start to finish. We assist businesses to adopt good practice as an enabler to meet the requirement of the regulation, the contract and then advance onto meeting any milestones.

Being the first point of contact has minimised the risk having lead deals for finance and technology companies and introduced improvements.

We provide certified expert consultant.  Some of our benefits include:

Your business may have support requirement in one or more area why not talk to us and see if can assist with your data protection or the GDPR with our consultancy data protection service by emailing info@certaintysolution.com or request a proposal from us.