Now that the GDPR tsunami seems to have receded, it’s time for many of us to take stock and consider whether the steps we took in 2018 and before meet the GDPR standards and the expectations of regulators.
Even if you obtained GDPR consulting services in the past to help with your preparations, it is important to test a number of the assumptions upon which your GDPR compliance programme is based – to ask yourself, in light of developing practice, “does this mean what we thought it meant?”
For instance, if you were to be investigated by the Information Commissioner’s Office or another data protection authority following a complaint from an individual or a data security breach, would you be confident about what the regulator would uncover when they considered your compliance with GDPR?
Bates Wells’ data privacy team offers organisations of all shapes and sizes a GDPR HealthCheck. This exercise enables organisations to understand their current level of compliance with the GDPR, and to pinpoint areas of strength and areas for improvement. In particular, Bates Wells’ data privacy specialists get alongside your key personnel to ask about your various data uses and systems, and to discuss with you your areas of concern or critical data usage. Following this process, we will then make written recommendations and, if requested, help with implementation.
We offer various levels of HealthCheck depending on your needs and areas of focus. We can use a standard approach or tailor our approach specifically to your requirements. The HealthCheck can be as high level as a 1-2 hour meeting or as in depth as a few full days embedded with your team.
From the first contact they were extremely responsive to our needs, helping to frame the project in a way which would be of maximum benefit to us, given cost and time constraints. They were able to get to the bottom of our complicated structure [and] make several helpful, useful and above all practical recommendations. I would happily use them again
With their in-depth understanding of our business, and a forensic knowledge of the legislation that we faced, Bates Wells were able to bridge the gaps in our knowledge, by supplying us with a range of advice and services, from conducting a general data health check to the tailoring of key individual policies, to help us meet our compliance goals. Their pragmatic approach and rapid response overall provided clarity and transparency to the GDPR issues that we were facing.