To keep the individuals whose personal data you process happy and to avoid potential sanction/ criticism from the Information Commissioner – you need to comply with the law. In the UK this is the General Data Protection Regulation [‘GDPR’], the Data Protection Act 2018 and the Privacy Regulations of 2003.
You should assess your current level of compliance with the above laws and see what needs to be done to bridge any ‘gap’ between where you are now and where you need to get to. This is called Gap Analysis.
We can do this for you.
We will discuss the nature of your business with you, what personal information you process, why, where it is located, how long you retain it for etc. We will also map the ‘flow’ of information in to, throughout and out of your organisation. We will see who has access to it, who is it shared with etc.
We will also review any existing policies and procedures you might have.
As part of this analysis we will look at how you keep personal data and other information safe and see what can be done to improve it.
For further information please contact us.