GDPR is coming on the 25th May and businesses should be prepared. Many are seeing this date a deadline, however it is actually a go live date of when GDPR starts and the old DPA (Data Protection Act) finishes.
The GDPR, much like the Health and Safety act, requires you to be proactive about what you are doing with data security and management rather than just “not doing the wrong thing” and on that basis, some initiatives need to be carried out to have something in place.
What that something is up for debate and whilst there is a host of information on the ICO website (https://ico.org.uk) to assist you in the first steps, it may be that you want some external help to get you going and understand what steps you need to take.
We are offering the following service to help businesses get GDPR ready.
Step 1 – A 3 days systems/organisation review
You are sent a request for information. This will comprise of:
- An organisation chart showing all levels and personnel or positions.
- A form for completion, for all individuals or positions that you consider handle personal information from employees or customers.
- A form for an overview of current IT systems, with any security hardware, software, processes or procedures currently in existence.
When this information is returned in full, the detail is assessed and a 3 day review (approximate depending on size and complexity of the business) is carried out.
Step 2 – Review of findings
The report that is created after the audit outlines the current status of compliance. As there is no current “certification” for GDPR compliance, the report and its resulted are made up of knowledge and guidance from various sources including the ISO and the ICO.
Step 3 – An Improvement plan
This document covers “Needs Identified” and “Basic Risk Assessments Identified” for the areas of the business that need attention to bring compliance up to scratch. These could be business processes, systems or IT facilities that are missing or need enhancing.
A commitment is required by the business to devote time to this project and top down management engagement is key to its success in not only producing the report but also work through the improvement plans suggestions.
Prices start at £2,100 for an initial 3 days.
*3 days is a minimum and as stated above, this could increase based on the size of complexity of the business. Expenses may be charged for customers over 90 minutes away from Intalect’s office. All prices are excluding VAT.