Data Protection Consultancy

Achieve your EU GDPR and DPA compliance goals

IT Governance’s data protection consultancy can help you meet the requirements of the UK Data Protection Act (DPA) and prepare for the requirements introduced by the EU General Data Protection Regulation (GDPR).

Our specialist data privacy consultancy team can provide you with the necessary expertise to implement a total privacy programme that meets your compliance requirements. We can also undertake an initial gap analysis of your current compliance regime if you are just getting started with a data protection programme.

Call us now on +44 (0)845 170 1750 or email us to find out more about our data protection consultancy offerings.

 

Meet regulatory obligations by protecting your organisation’s PII

The data protection landscape in Europe is being overhauled with the introduction of the EU GDPR, which will be enforced from 25 May 2018. Organisations will need to review and update their operational, administrative and technical measures in order to adequately prepare for the Regulation.

During the two-year transition period, the requirements of the Data Protection Act will remain valid.

We can help your organisation achieve its privacy goals and compliance obligations against this complex and evolving regulatory backdrop.

 

Not only legal expertise, but technical and cyber security support

Data protection is no longer the domain of legal experts alone. Although the necessary legal and regulatory knowledge is a crucial ingredient to ensure compliance, adequate data protection measures extend to the technical controls that organisations must apply to avoid data breaches.

Principle 7 of the DPA requires organisations to apply the appropriate technical and organisational security to protect personal data from loss or damage. The GDPR also introduces significant technical and operational requirements that must be implemented to achieve full compliance.

 

ISO 27001, PIMS and data protection

ISO 27001 is the international standard for information security, encompassing personally identifiable information (PII) security and cyber security. ISO 27001 requires companies to implement appropriate measures as part of a holistic approach to information security that encompasses people, processes and technology.

By implementing an ISO 27001-compliant information security management system (ISMS), organisations will be well placed to avoid potential data breaches resulting from inadequate information security practices.

Organisations can also demonstrate compliance by implementing an appropriate Personal Information Management System (PIMS). BS 10012 is the British standard that specifies the requirements for a PIMS, which will help organisations comply with the Data Protection Act (DPA).

 

GDPR requires evidence of compliance

The GDPR encourages the adoption of certification schemes as a means to demonstrate compliance. Getting certified to ISO 27001 can help organisations achieve their compliance objectives and protect themselves.

IT Governance has a solid track record of helping companies achieve ISO 27001 certification and compliance with BS 10012.

 

Data breach incident response planning

Reporting on damaging data breaches will become mandatory under the GDPR. Avoid potentially costly fines and the associated publicity that can result from cyber attacks by benefiting from the right advice, delivered by experienced professionals.

 

Get reliable and cost-effective advice

Organisations should take action now to implement appropriate measures for improved data security. Get in touch with one of our specialist advisors for guidance about meeting your compliance goals.


 

Data protection consultancy services

IT Governance offers the following services to help you meet your data protection objectives:

  • Gap analysis

    Our experienced data protection consultants can assess the exact standing of your current legal situation, security practices and operating procedures in relation to the DPA or the GDPR.

  • Data flow audit

    Data mapping involves plotting out all of the organisation’s data flows by drawing up an extensive inventory of the data to understand where it flows from, within and to. This type of analysis is a key requirement of the GDPR.

  • Information Commissioner notification support (a legal requirement for DPA compliance)

    Organisations that process personal data must complete a notification with the Information Commissioner under the DPA.

  • Implementing a personal information management system (PIMS)

    Establishing a PIMS as part of your overall business management system will ensure that data protection management is placed within a robust framework, which will be looked upon favourably by the regulator when it comes to DPA compliance.

  • Implementing an ISMS compliant with ISO 27001

    We offer flexible and cost-effective consultancy packages, and a comprehensive range of bespoke ISO 27001 consultancy services, that will help you implement an ISO 27001-compliant ISMS quickly and without the hassle, no matter where your business is located.

  • Cyber health check

    The two-day Cyber Health Check combines on-site consultancy and audit with remote vulnerability assessments to assess your cyber risk exposure.

  • Incident response planning

    With an effective incident response plan, you will be able to detect incidents at an earlier stage and develop an effective defence against the attack.

  • Technical testing

    Our bespoke penetration tests deliver cost-effective and practical solutions that will help you meet your legal, regulatory and contractual requirements, and eliminate potential vulnerabilities from your networks and applications.

 

How we can help you: read the DPA case study

IT Governance has broad and deep experience in all aspects of data protection, privacy and the protection of personally identifiable information (PII).

Just as we helped Bell achieve DPA compliance on time and within budget, we can help you, whatever your needs.

 

Contact us today to get your data protection compliance programme on track. Email us or call us on 0845 070 1750 to talk to us about how we can help you achieve data protection compliance quickly and painlessly.

