Data mapping

• Review and Audit data flows and perform a mapping exercise
• Establish the ownership of data held by the organisation
• Creation of data inventory, in order to develop a data protection program

Legality and consent

• Provide consent guidance and preparation for scrutiny
• Consent issuance support
• Assistance to demonstrate compliance with the principles of good data processing practices

Data storage and retrieval

• Help to provide a framework to organise data in line with requests from data subjects
• Guidance to implement technical controls to help ensure data is updated and/or removed in a way which is compliant with GDPR requirements

Data Privacy Impact Assessment

• Establish the circumstances under which a DPIA becomes a necessity for various organisational processes
• Define the specifics and detail of a DPIA, based on the organisation’s operations
• Plan, train or manage staff to perform Data Privacy Impact Assessments

Organisational structure

• Guidance on a DPO (Data Protection Officer) requirement for the organisation
• Recruitment support for a DPO requirement, or staff augmentation for the role
• Help establish and reinforce Board level support for GDPR updates
• Establish relationship with the relevant Supervisory Authority for the country of operation

Breach & security response

• Review and Audit the organisation’s data flows and perform data mapping
• Educate and plan key stakeholders, based on GDPR and Data Protection Act breach reporting requirements
• Reinforcement and Lead/Support testing, to help ensure that the organisation’s reporting capabilities remain appropriate

Securing the supply chain

• Formally document all relevant third parties handling PII
• Audit and define the requirements for suppliers as per GDPR
• Advice to amend contracts as required to ensure compliance

Securing PII

• Establish actions to secure the PII held or processed within the organisation
• Provide support with technical infrastructure
• Provide guidance on achieving ISO27001 certification