Data Audit Services
Compliance with data protection legislation is necessarily becoming a higher priority for many organisations.
A number of factors are driving this:
- regulators (including the ICO) are increasingly using their powers of enforcement
- future legislative changes will increase the data protection compliance burden (and related risks) for business
- data security breaches can lead to adverse publicity and significant monetary penalties
- personal data is now a key business asset and compliance has a direct impact on the value of such data
- employees are using data protection compliance issues tactically to gain leverage when in dispute with their employers
For most businesses, the first step in mitigating the risks above will be a data protection audit so that you can understand the “What? How? Why? and Where?” of your current data processing practices. This will enable you to identify what changes you need to implement to comply with current and future legislation.
We tailor the scope of the audit to meet your requirements: this could be an end-to-end audit of the entire business, an audit of one or more business units such as IT, HR and/or Marketing, and/or an audit of your UK, European and/or global operations.
GDPR Health Assessment
While many organisations may have a good level of technical compliance, they may lack operative compliance, which ultimately leaves organisations exposed to regulatory and individual claim risk. Many are also simply unsure of where they stand on their GDPR compliance journey. Through our LS GDPR Health Assessment, we provide organisations with a cost-effective way to check their GDPR (and security) compliance positions without having to go through a full-scale audit process.
What will the Health Assessment cover?
- Initial Health Assessment: providing you with a compliance score and a strategy paper with suggested remediation steps
- Verification: Working with your privacy champions to verify or stress test the answers provided in our strategy report, if this is your preferred route. We will deliver a risk assessment report providing greater detail on current compliance and tailored remediation actions for any areas of potential non-compliance.
- Remediation: Giving practical assistance to implement the suggested remediation actions and providing updated documentation, training and guidance notes
While our focus is on ensuring your legal compliance with the GDPR, we can also (in partnership with our third-party partners) offer organisations a security assessment that uses sophisticated software tools to help identify any internal and external vulnerabilities in your environment. This in turn will help you to verify whether the security measures you are taking are sufficient to keep your data safe and align with GDPR and industry practice. This security assessment will take various forms, ranging from basic scans to a full-blown security audit.
To find out more about our GDPR Health Assessment and Security Assessment, download our brochure here, and please get in touch with our co-Head of Data Privacy Alexander Milner-Smith or Bryony Long for more on how we can support your compliance journey.
Does your business need a GDPR Health Assessment 2 years on from GDPR?
23 June 2020
25 May 2020 marked the 2nd anniversary of the GDPR coming into force. As anniversaries are for some a moment for reflection, it is not surprising that organisations are now checking in on their respective compliance profiles to consider what (if any) improvements can be made.
Size doesn’t matter (so says the ICO about recipients of big fines for data breaches)
03 July 2017
If you thought that you’re too small a business to have to bother about data protection, then think again.