Access our expertise whenever you need it with an annual subscription
If you require access to expertise all year round but lack the internal resources, our managed services provide the consultancy support you need, when you need it.
Get unlimited advice, hands-on implementation support, staff training, documentation, relationship management with your certification body, and more.
DPO as a Service
Under the GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018, certain organisations must appoint a DPO (data protection officer).
Other organisations might choose to appoint one to oversee their data protection activities and perform certain tasks as set out in law.
A DPO has the same legal status whether the appointment is voluntary or mandatory. If you need a DPO but lack the necessary internal resources, you can outsource the role to an expert.
With DPOaaS (DPO as a Service), you can benefit from a dedicated, independent DPO who has no conflict of interest with your other business operations.
This service, delivered by our sister company GRCI Law, includes:
- A GDPR documentation review, a gap analysis to determine the extent of your compliance with the Regulation, and a remedial action plan to help you fill those compliance gaps;
- Unlimited access to GDPR advice and expertise; and
- An official point of contact with supervisory authorities on all data protection matters.
Learn more about DPOaaS
DSAR (data subject access request) as a Service
Under Article 15 of the GDPR, data controllers are obliged to confirm to data subjects whether their personal data is being processed.
If it is, the controllers must provide them with a copy of that personal data, as well as certain other information within one month.
If you need help facilitating data subjects’ right of access, our DSARaaS (Data Subject Access Request as a Service) will ensure you meet your obligations.
Delivered by our sister company GRCI Law, this service will:
- Review and assess the validity of each DSAR;
- Verify the data subject’s identity;
- Locate the relevant data;
- Obtain third-party consent where necessary;
- Formally disclose the data to the data subject;
- Keep appropriate records; and
- Liaise with the supervisory authority where necessary.
Learn more about DSARaaS
All organisations that access NHS patient data and systems must demonstrate their compliance with the DHSC (Department of Health and Social Care)’s data security and information governance requirements.
This is achieved by submitting an annual self-assessment using the DSP (Data Security and Protection) Toolkit.
Our healthcare specialists can help you ensure your data security and protection practices meet the DSP Toolkit’s requirements.
DSP Toolkit Managed Service for Implementation
This annual service:
- Provides a detailed review of your current data security and protection compliance posture;
- Conducts the necessary assessments with key staff;
- Provides recommendations for remedial action;
- Updates any required evidence in line with the latest version of the Toolkit; and
- Assists with your annual online submission.
Learn more about the DSP Toolkit Managed Service for Implementation
DSP Toolkit FastTrack™ Managed Service
This three-year service for Category 3 organisations will:
- Undertake a full review of your data security and compliance regime;
- Review existing controls and recommend any additional controls based on the DSP Toolkit specifications;
- Review your DPIA (data protection impact assessment) process and recommend improvements;
- Implement the necessary business continuity and incident reporting procedures;
- Update and/or develop any required evidence in the form of policies and procedures to support the compliance programme; and
- Help you complete the Toolkit submission and provide all necessary supporting documentation and evidence as required.
Learn more about the DSP Toolkit FastTrack™ Managed Service
Gambling Commission Security Audit – Managed Service
The UK Gambling Commission requires all remote gambling operators to complete an annual third-party security audit against particular sections of ISO 27001, and submit a report as evidence of compliance.
Our Managed Service offers you the maximum support and guidance throughout this process to give you the greatest chance of audit success.
Learn more about the Gambling Commission Security Audit – Managed Service