Direct Access to a Barrister

Call 0330 043 0412

DSC_7800Copy3-TopBar-GDPR
DSC_7800Copy3-TopBar-GDPR

Data Protection Audits for Small Business

Are you prepared for the GDPR?

You now have under 1 month to ensure that your business complies with the General Data Protection Regulation (GDPR) which comes into effect on 25 May 2018.

The GDPR applies to any business processing personal data regardless of legal form – and so includes sole traders and partnerships – and for the first time imposes direct liability on data processors (processing data on behalf of the data controller).

Significant fines for non-compliance may be imposed with the objective of either re-establishing compliance with the rules, punishing unlawful behaviour or both.

A data protection audit is the first step towards GDPR compliance.

The audit will evaluate and assess your business’s current data processing practices and provide a clear and comprehensive analysis of where you are now and your readiness for the GDPR.

DATA
SECURITY
IDENTITY
PRIVACY

Countdown to GDPR Enforcement

2018/05/25 00:00:00

Data Protection Audits for Small Business

Are you prepared for the GDPR?

You now have under 1 month to ensure that your business complies with the General Data Protection Regulation (GDPR) which comes into effect on 25 May 2018.

The GDPR applies to any business processing personal data regardless of legal form – and so includes sole traders and partnerships – and for the first time imposes direct liability on data processors (processing data on behalf of the data controller).

Significant fines for non-compliance may be imposed with the objective of either re-establishing compliance with the rules, punishing unlawful behaviour or both.

A data protection audit is the first step towards GDPR compliance.

The audit will evaluate and assess your business’s current data processing practices and provide a clear and comprehensive analysis of where you are now and your readiness for the GDPR.

DATA
SECURITY
IDENTITY
PRIVACY

What does the GDPR mean for Small Businesses?

Even if your business only holds minimal amounts of personal data – which may be something as simple as email addresses, customer lists or website contact form information – compliance with the GDPR is as much a requirement as it is for larger organisations.

What does this mean in practice?

GDPR compliance for Small Business is likely to include the need to:

  • Implement an overarching Data Protection Policy
  • Know why you have personal data and how you use it (do not retain personal information for longer than necessary)
  • Review the lawful basis for processing (if consent is relied on, renew consents if necessary)
  • Review and update privacy policies to be GDPR compliant
  • Have procedures in place for responding to data subject requests
  • Review and renegotiate vendor and service contracts to include data processing clauses
  • Ensure appropriate security measures are in place (including backups and encryption)
  • Establish procedures for detecting and responding to data breaches
  • Provide employees with training in data protection compliance
  • Document, document, document!

The GDPR introduces the principle of accountability – you must be able to demonstrate compliance by having appropriate policies and procedures in place and embedding them in your day-to-day business practices.

The GDPR introduces the principle of accountability – you must be able to demonstrate compliance by having appropriate policies and procedures in place and embedding them in your day-to-day business practices.

A Barrister KnowHow GDPR Audit is made up of the following elements:

A Barrister KnowHow GDPR Audit is made up of the following elements:

  • An online interactive data protection audit questionnaire for you to complete which has been designed to identify the GDPR-related issues affecting small businesses.
  • A telephone/Skype conference (where necessary).

    This is to discuss any particular matters arising out of the completed audit questionnaire which require further clarification.

  • A data protection audit report.

    You will receive a report identifying your current level of compliance and the changes you need to make to your present data processing practices to comply with current data protection legislation and to bring you in line with the requirements of the GDPR.

    The report will contain findings and recommendations for implementing compliance measures best suited to your business.

  • An online interactive data protection audit questionnaire for you to complete which has been designed to identify the GDPR-related issues affecting small businesses.
  • A telephone/Skype conference (where necessary).

    This is to discuss any particular matters arising out of the completed audit questionnaire which require further clarification.

  • A data protection audit report.

    You will receive a report identifying your current level of compliance and the changes you need to make to your present data processing practices to comply with current data protection legislation and to bring you in line with the requirements of the GDPR.

    The report will contain findings and recommendations for implementing compliance measures best suited to your business.

What’s not included?

Any matters arising out of the audit report such as drafting of documents (e.g. Data Protection Policy) or further advice will be quoted for separately but will almost always be on a fixed fee basis and at a highly competitive rate.

    Find out more with a free consultation

    If you would like to know more, complete the form below and Dominic will respond shortly to discuss your requirements.

    An initial chat is always free.

    This is for administrative purposes only. All information will be kept in the strictest confidence.

    Regulated by the Bar Standards Board.

    What’s not included?

    Any matters arising out of the audit report such as drafting of documents (e.g. Data Protection Policy) or further advice will be quoted for separately but will almost always be on a fixed fee basis and at a highly competitive rate.

      Find out more with a free consultation

      If you would like to know more, complete the form below and Dominic will respond shortly to discuss your requirements.

      An initial chat is always free.

      This is for administrative purposes only. All information will be kept in the strictest confidence.

      Regulated by the Bar Standards Board.