Services
Bespoke Data Protection Training
Data protection can seem complex and confusing. To solve this, many organisations rely on eLearning, much of which is generic and in some cases, even inaccurate. I pride myself on delivering engaging and useful live training sessions which are focussed on how the law actually applies to the audience’s working life.
Data Protection Essentials
This session will give your staff an engaging and useful overview of the requirements of the data protection laws and how this applies to their day-to-day work. Every session will be tailored to the audience, to ensure maximum relevance. Unlike generic online training courses, this session will be specific to your organisation and your staff will get the chance to ask specific questions.
Digital Marketing Compliance
This session will cover the specific legal requirements around digital marketing to individuals. This session is perfect for businesses using telephone, SMS or email marketing. Not only do you have to comply with the UK GDPR, but you also need to consider the PECR. I can help to demystify these requirements, to ensure your marketing teams know how to stay on the right side of the law.
Topic Deep Dives
If you’re further along in your compliance journey, and would like refresher or deep-dive training on specific topics within data protection, I can work with you to create a totally bespoke session. Examples include CCTV Compliance, Subject Access Requests, Data Protection Impact Assessments, Data Protection by Design, etc.
Data Protection Masterclass
I can deliver a two-day training session, which will give a single, or small selection, of your key staff an in-depth understanding of your data protection requirements. This session is perfect for your senior management team, or for creating “data protection champions” within your organisation.
Data Protection Health Check
If you’re not sure where to start, the DP Health Check is perfect for you. The DP Health Check is an independent “warts and all” review of your organisation’s current compliance posture.
Through an initial consultation and then a full on-site / remote review, I will produce a DP Health Check Report which highlights your organisation’s data protection strengths and weaknesses, so you know what to prioritise.
Where necessary, the report will include a number of key recommendations on how to improve your organisation’s position.
Alternatively, if you have a more mature data protection compliance programme and want a targeted review of a specific area, team or process, I am more than happy to create a tailored audit plan with you, to suit your specific needs.
Bespoke Policies and Documents
Policies, Standards and Procedures
Policies and procedures are documents that set out your internal standards and guidelines on a particular topic. They are crucial for your employees to understand and carry out their responsibilities.
I can liaise with you to create policies that go beyond generic templates, to become fully operational and specific documents underpinning your compliance programme.
Examples include:
– Data Protection Policy,
– Data Breach Procedure,
– Data Subject Rights Procedure,
– Data Protection Impact Assessment Procedure,
– CCTV / Video Surveillance Policy,
– Employee Monitoring Policy,
– Data Protection Complaints Procedure, etc.
Template Documents
Compliance with the UK GDPR does involve a fair amount of documentation. Rather than reinventing the wheel every time, sometimes it’s easier to create a template and continue to use it. I can help you to create bespoke documentation templates that are specific to your organisation, to move away from “tick box” compliance and towards real value-add.
Examples of template documents that I can help to create include:
– Records of Processing Activities,
– Personal Data Breach Log,
– Data Protection Impact Assessment,
– Legitimate Interest Assessment,
– Transfer Impact Assessment
Privacy / Fair Processing Notices
One of the key principles of the UK GDPR is “transparency”. Individuals have the right to be informed about how you’re processing their personal data. This is generally achieved through a document called a “privacy notice” or a “fair processing notice” (you’ll also see these called a “privacy policy”). The law sets out a very clear list of the types of information you are required to provide.
Lots of privacy notice templates are generic and written in legalese. Often, they’re not only hard to understand, but may also not even comply with the specific legal requirements.
I can work with you to create bespoke privacy notices, that are tailored to your processing activities, and crucially, tailored to the intended audience. For example, if you’re processing the personal data of children, the notice should be designed to be understood by children.
Advice and Consultancy
As well as my specific services, I also offer general advice and consulting on all data protection matters. For example, I can help you with:
- Investigation of and response to data protection complaints, or personal data breaches.
- How to handle a data subject rights request.
- Conducting or reviewing data protection impact assessments.
- How to mitigate specific risks, or close identified compliance gaps.
Please be aware that HD Compliance is not a legal practice. Any advice given as part of the Services must not be considered legal advice. As such, any advice given by HD Compliance will not be subject to the benefits of legal privilege. Please consult a solicitor, if legal advice is required.
Why HD Compliance?
I have seven years of experience building data protection compliance programmes from the ground up, in a range of different regulated sectors.
I have worked in very large organisations, medium organisations and very small organisations. I have also worked across both the private sector and the voluntary sector.
My consultancy services are aimed at small to medium sized organisations (businesses and charities). My number one goal is to helping your organisation achieve it’s goals, in a safe and compliant way.
Pricing
When you reach out to me via email, I will either book a consultation call with you to scope your request or, if your request is straightforward, I may give you a quote immediately.
Either way, the pricing for my services will be transparent and up-front. There will be no hidden or surprise costs.
My pricing reflects the complex and specialist nature of these services, but also takes into account the needs and restraints of small to medium sized businesses and charities. In some cases, discounts may be agreed.