Consultancy Services from the DPO Centre

The DPO Centre provides a comprehensive range of consultancy expertise to complement its outsourced DPO and GDPR Representation services. ​​This includes “overflow provision” for when organisations require increased resource to cover periods of high workload or absence.

Our consultancy services are provided by experienced Data Protection Officers (DPOs) and tailored to your organisation’s specific needs.

The services are provided standalone, as a precursor to, or to complement our outsourced DPO services.

In all cases, the service is backed up by the shared best practice and model documentation that the DPO Centre has developed based on the experience we have gained from working with over 300 organisations.

handshake

OUR RANGE OF CONSULTANCY SERVICES

Compiling data asset register and data mapping ​

  • Identifying the personal data an organisation is responsible for​

Cataloguing:​

  • Where and why the data is held and how it is used ​
  • The type, volume and “risk” level of the data ​
  • Who is responsible for managing it

Impact assessments and gap analysis

  • Reviewing how data in a dataset is processed​
  • Determining if processing is compliant​​
  • Identifying “gaps” between current practice and full compliance​
  • Developing an action plan to fill the gaps​

Records of Processing Activity (RoPA)​

  • Preparing and maintaining RoPA​

 

  Compiling ongoing records of:

  • The legal basis upon which personal data is held​
  • How the data is processed​
  • How, why and where the data is transferred
  • Security protocols used to protect the data​
  • How long the data is retained and its disposal

Policy drafting and review​

  • Privacy and cookie policies​
  • Informed consent forms​
  • General data protection policy​
  • Retention policy ​
  • Various employee policies

Data protection training​

Providing ongoing training to embed a data protection culture into an organisation including training for:​

  • Senior managers accountable for data protection ​
  • Data managers responsible for personal datasets​
  • Front line staff handling and processing personal data

Data sharing and data transfers ​

  • Advising, drafting and reviewing data processing and data sharing agreements with third parties​
  • International data transfer mechanisms and agreements including the use of Model Contract Clauses (SCCs) and Binding Corporate Rules (BCRs)

Privacy by design advice

Ensuring data protection principles are designed into new business activities
from start to finish of a project:​

  • Considering GDPR principles at all development phases ​
  • Providing data protection expertise from the outset​
  • Advising on a risk-based approach to the project

Data protection readiness

• Readying organisations for external data protection compliance by, for example:​

  • Financial Conduct Authority (financial services)
  • Care Quality Commission (medical and healthcare)​
  • Ofsted and ISI (schools and education)
  • Government Internal Audit Agency (government agencies)​
  • Commercial due diligence for M&A activity

BENEFITS OF THE SERVICE

gbp
Highly cost effective
thumbs up
Experience and shared best practice gained from working with over 300 clients
icon
On-tap resources
DPO_Factsheet_Icons33
Pre-existing model documentation tested and validated across varied industry sectors
info
Pragmatic, straightforward, solution driven advice
DPO_Factsheet_Icons34
UK and Pan-European expertise ​
icon
Consultant DPO works on-site as part of your team

WHO WE WORK WITH

We work with organisations in a wide variety of sectors, including:

Medical and Healthcare

Medical and
Healthcare

Software and Technology

Software and
Technology

Retail and eCommerce

Retail and
eCommerce

Finance and Insurance

Finance
and Insurance

Education, Schools and Colleges

Education, Schools
and Colleges

Charities and Not-for-profit

Charities and
Not-for-profit

Click one of the options below to speak to us about our Data Protection Services

 

Email Call Contact Form