Gap Analysis / Auditing
Gap Analysis
To reduce the risk of harm to the individuals whose personal data you process and to avoid potential sanction/ criticism from the Information Commissioner – you need to comply with the law. In the UK this is the GDPR, the Data Protection Act 2018 and the Privacy Regulations of 2003. You may also need to consider the Human Rights Act 1998 and the Common Law Duty of Confidence.
You should assess your current level of compliance with the law and see what needs to be done to bridge any ‘gap’ between where you are now and where you need to get to. This is called Gap Analysis.
We can do this for you.
We will discuss the nature of your business with you, what personal information you process, why, where it is located, how long you retain it for etc. We will also map the ‘flow’ of information in to, throughout and out of your organisation. We will see who has access to it, who is it shared with etc.
We will also review any existing policies and procedures you might have. We will also look at the knowledge of those who process personal data for you.
As part of this exercise we will look at how you keep personal data and other information safe and see what can be done to improve it.
We can then work with you to improve your level of compliance.
Auditing
An audit is similar, but you are left to do any improvement work that needs to be done!
If you believe you are compliant or are at a particular level of compliance, then we can carry out an audit for you.
An audit will lead to a level of assurance as to whether your organisation is following good data protection practice. Levels can range from Very Limited, Limited, Reasonable to High assurance.
We check if you are following data protection legislation as it applies to your organisation. If there are issues, we will let you know what needs to be addressed and which we regard as being a priority. We will ask you to come up with an Improvement Plan i.e., how you are going to deal with any issues and give you a reasonable period of time to make the necessary improvements. We will then review where you are.
For further information please contact us.