The GDPR places onerous accountability obligations on organisations. A comprehensive data protection infrastructure would enable your business to demonstrate compliance. DPS can assist your organisation with your compliance project, whether through providing advice, carrying out gap analysis, audit review or developing a document framework.
Our consultant has vast experience in providing assistance and creating solutions to compliance issues raised by clients from diverse business sectors.
We provide practical professional advice and offer a full range of compliance services, see list below. Please contact us for more details regarding the methodology and approach adopted by DPS.
Our compliance services:
Compliance Gap Analysis
A gap analysis is a method of assessing compliance against the requirements of European and local data protection legislation. DPS can identify and help you prioritise the areas that you need to address.
Develop/Review Policies & Procedures
DPS can review your current policies and advise on any required amendments required to ensure compliance with the current European and Irish data protection legislation, and/or develop bespoke policies and procedures for your company.
A data protection infrastructure which is enforced through supervision and regular review and audit is a valuable compliance tool. DPS can assist your company with periodic review/audit of your compliance infrastructure.
With COVID 19, companies may find that they are collecting more sensitive personal data. There may also be data protection implications with the move to remote working for staff members. DPS can perform an audit review which would highlight any gaps with compliance.
COVID 19/Back to Work Readiness Assessments
Organisations will be in the process of implementing, or preparing to implement a phased return to work as part of the Government’s “roadmap for reopening society and business”. Sensitive personal data has and will be required to be collected by your company in order to adhere to recommendations outlined by the Department of Health, Return to Work Safely Protocol.
DPS can provide advice to your company on implementing these recommendations in a manner that complies with your obligations as Data Controllers under the GDPR and the Data Protection Act, 2018
To comply with the EU GDPR (General Data Protection Regulation), organisations need to map their data flows to assess privacy risks. Conducting a data flow map forms part of your Article 30 documentation. They are also an essential first step in completing a data protection impact assessment (DPIA). DPS can advise on the best approach to use or carry out the data mapping exercise for your company.
Data Privacy Impact Assessments
A Data Protection Impact Assessment (DPIA) is a process to help your organisation identify and minimise the data protection risks of a project. You must do a DPIA for processing that is likely to result in a high risk to individuals. DPS can carry out this assessment and provide advice and guidance on mitigating risks highlighted during this process.
Data Protection by Design & Default
In essence, this means your organisation has to integrate data protection into your processing activities and business practices, from the design stage right through the lifecycle. DPS can review and advise on upcoming projects or work with your organisation throughout the project to ensure all appropriate aspects of data protection are considered and documented.
Data Protection Officer as a Service
Per the data protection legislation your company is required to appoint a DPO, whether you are a controller or a processor, if your core activities involve processing of sensitive data on a large scale or involve large scale, regular and systematic monitoring of individuals.
DPS can assist you compile a compliant Privacy Statement and Cookie Notice, or carry out a compliance review of your website.