Christopher Beveridge
Head of Privacy & Data Protection
Supporting you through the privacy and data protection compliance lifecycle
For most organisations, data is regarded as the key asset, in particular the personal information of clients and customers that drives much of sales and marketing activity. It is also data that carries the greatest risk. Organisations must ensure that any and all personal information processed is effectively managed through the entire information management lifecycle; from data collection through to final disposal.
To comply with privacy and data protection regulations like the UK Data Protection Act 2018 (UK GDPR) and the EU General Data Protection Regulation, as well as other global privacy and data protection obligations, you will need to invest in data protection strategies. You will need to define your data protection policies and determine the controls to protect personal information.
The Key Elements of privacy and data protection compliance
- Data and Information Governance
- Information lifecycle management
- Policies and procedures
- Training and awareness
- Security controls
- Third party risk management including contract management
- Data breach policy and procedures
- Data handling procedures
Your data protection solution
How your business operates and how it uses personal information are the starting points for how we will work with you. You will discover that we invest the time to understand your whole business, the multiple purposes and uses of personal information as well as how that data is managed throughout the organisation.
You will benefit from our broad range of skills and expertise including information cyber security, information lifecycle management and data analytics. We also have extensive experience across governance, operations, technology, compliance, and risk management, enabling us to focus on immediate privacy and data protection concerns while maintaining operational readiness.
Our service offerings
- Privacy and data protection maturity assessments
- Privacy and data protection strategy and program development
- Data mapping and records of processing management
- Policy and procedure development
- Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs)
- Data subject rights request management
- Privacy and data protection third party contract advisory
- International data transfer advisory
- Privacy and data protection compliance implementation project management
- Training and awareness delivered in-person, remotely or through our data protection e-learning module)
- Data protection managed services
- Outsourced Data Protection Officer support services/outsourced Data Protection Compliance Officer services
- Internal Audit support
- Independent third-party data processor assurance
- Assurance and certification Services including ISAE3000 SOC2 Privacy Reporting and ISO27701 Privacy Information Management Reporting preparation support
- ROBUS data governance software