Data Protection (GDPR)
Protect your reputation, gain your client’s trust.
Data protection regulations state that personal data should be fully protected at all times. InfoSaaS has helped many organisations to understand the new General Data Protection Regulation (GDPR) and be compliant with its many requirements.
Overview of GDPR Requirements
The more comprehensive EU General Data Protection Regulation was introduced in May 2018. This was delivered in the UK as the Data Protection Act 2018.
All organisations that process personal data should be in full compliance with GDPR. But sometimes its complexities need to be explained and unravelled.
Our qualified and experienced data protection specialists would be pleased to assist you with this.
GDPR specifies a mandatory set of documentation and records that need to be maintained. This is to ensure your organisation becomes and remains legally compliant with its obligations to protect personal data.
InfoSaaS provides an extensive range of templated policies, procedures, forms and informational guides. These have proved to be invaluable for organisations of all sizes and sectors.
Data Audit Workshops
To be compliant with data protection legislation, it’s important that all forms of personal data are identified, categorised and assessed.
A data audit workshop, led by one of our data protection specialists, will help you to understand exactly what it is you need.
Data Protection Impact Assessments
Article 35 of GDPR requires a Data Protection Impact Assessment (DPIA) to be completed in certain circumstances.
Our InfoSaaS solution guides users intuitively through the completion of such an assessment. The resulting report highlights any issues or areas requiring improvement, and can optionally be shared with customers, stakeholders or regulators.
Data Subjects Rights Requests
Articles 15-21 of GDPR mandate a set of rights in connection with the processing and storage of a data subject’s personal data.
Our GDPR Document Pack includes comprehensive procedures and supporting forms that are easy to customise.
In addition, our InfoSaaS software service includes a repository and GDPR-compliant workflows which allow any requests which are received to be validated and managed to completion in line with the requirements of the Regulation.
Supply Chain Considerations
Suppliers may require access to personal information – either to your own personnel’s data or to that of your customers. You have a responsibility to assess their compliance with GDPR obligations as a data processor.
Such an assessment will need to confirm, amongst other things, that technical controls are robust, that mechanisms are in place to identify and report data breaches, and that a commitment has been made to cooperate with data subject requests.
Supplier Capability Assessments
Risk Assessment for Outsourced Products/Services
It’s essential that your personnel (and any dependent third-parties such as contractors) are properly trained on their responsibilities for the protection of personal data. This will include understanding how it is obtained, managed, processed, stored and disposed of.
They will also need to understand how to identify and report personal data breaches, and how to cooperate with responding to data subject requests.
Please contact us so we can prepare a training framework that delivers your organisation’s individual data protection training needs.
Virtual Data Protection Officer
A Virtual Data Protection Officer (DPO) can provide strategic, compliance and operational leadership on data protection matters to organisations that may not be able to afford a
Certified DPOs are likely to be an expensive resource: you may instead decide to use a Virtual DPO from InfoSaaS on an ongoing basis, benefiting from their time and experience on an on-demand, part-time and often remote basis.
If you would like to discuss how a Virtual DPO could benefit your organisation, please contact us for a confidential discussion without obligation.