From 25th May 2018, the General Data Protection Regulation (GDPR) came into force in all EU Member States, including the UK. The GDPR builds on the data protection obligations imposed by the Data Protection Act 1998 and places a greater emphasis of transparency of data processing and accountability.
The GDPR also empowers individuals by providing them with new rights, such as the right to be forgotten, as well as tightening up their existing rights to access and amend their data. The GDPR impacts all organisations regardless of whether they use data relating to employees, customers, tenants or patients.
Bevan Brittan's specialist Information Law team can assist your organisation with each stage of GDPR compliance.
We can support clients in meeting their new requirements in a variety of ways including: auditing and benchmarking existing data protection practices; preparing data protection policies and procedures; contract reviews and updates; and providing workshops and staff training
Just wanted to say how great the session was yesterday. It was an extremely valuable session for us and there were a number of things you suggested that will help tighten up our approach to GDPR.
Examples of how we can help include:
- Providing assessments of current data protection practices including preparing frameworks for internal audits, data mapping, reporting on audit result and preparing a compliance action plan.
- Running workshops with your GDPR project teams to evaluate action taken and steps required to meet GDPR compliance.
- Reviewing and updating existing internal data protection policies and procedures to ensure GDPR compliance such as data breach policies and employee handbooks.
- Drafting bespoke GDPR documents such as precedent privacy impact assessments, privacy notices, data protection record keeping and data breach reporting forms.
- Reviewing contracts with third parties which involve the transfer of personal data to ensure GDPR compliance.
- Providing bespoke internal training sessions for directors and employees to highlight the specific data protection issues of which they need to be aware.
We provide a range of GPDR compliance services to a leading global conglomerate. Our role includes facilitating the internal audit of data processing activities, providing workshops to identify gaps in compliance and prepare a compliance action plan to meet the GDPR requirements.
We have also provided a comprehensive document review of internal practices and policies to ensure they comply with the new standards and requirements set by the GDPR.