The General Data Protection Regulation (GDPR) imposes obligation on companies to not only document and safeguard information on identifiable living persons but companies must also be able to evidence compliance.

This places significant responsibilities on companies to do the following: 

• Review their current practices
• Have a publicly available Statement of Information Practices
• Create and have a client information leaflet (where needed)
• Document all processing activities
• Training
  • Ensure all staff are adequately trained and understand their obligations under GDPR for client data
  • Maintain evidence of such training
• Consent
  • Collect and keep evidence of clear consent for all processing and  secondary uses
  • Renew and keep that consent current
• Policies - Under the GDPR the following policies and procedures/processes  require to be in place
  • Data Protection
  • Handling Subject Access Requests 
  • Breach management                                       
  • Breach register 

 
Many companies may not be in a position to fund the recruitment or training required for a member of staff to act as a DPO (Data Protection Officer) and be responsible to ensure the company meets its obligations 
 
To meet this need we at the Data Protection Group have a variety of flexible contract for service DPO options available.
We have competitive packages available with a variety of delivery options and payment plans available.