DPO-as-a-Service (or just some help looking after GDPR)
Do you need an outsourced DPO Service or just some help looking after GDPR for your business.
Whether a formal DPO or not, the ‘role’ can be given many titles, Outsourced DPO, Virtual DPO, Data Security Owner, GDPR Lead.
If you just need someone to take on the hard work of GDPR then our Data Security Owner or DSO is what you need.
Many organisations don’t need or want to appoint a formal DPO, in fact you only need one if:
- You are a public authority
- Your core activities require regular and systematic monitoring of individuals on a large scale
- Your core activities involve processing on a large scale ‘special categories’ of personal data, or ‘criminal convictions or offences data’?
However, most organisations will need to fulfil many of the duties that would fall to a DPO the majority of which are legal obligations under GDPR.
Tasks or duties most organisations will need to deal with under GDPR:
- Explain what data you process and why in a Record of Processing statement. (not always necessary but highly recommended).
- Production as well as regular review of your privacy statements and data protection policies
- Staff awareness training/education and keeping records of same
- Point of contact for all matters GDPR in addition to other data privacy requirements, for the business, employees and the ICO
- An independent body or individual with access to the highest level of management to ensure GDPR is being taken seriously
- Data Protection Impact Assessments (DPIA) for new projects/initiatives which include in scope personal data
- Development and implementation of a policy and process for breach reporting as part of an overall incident management function
- Maintaining expert knowledge of data protection/GDPR rules and law
What do Organisations Really need?
GDPR Auditing realised that although no two clients are the same, many of them face the same challenges e.g.
- They must comply with GDPR
- Most do not have a dedicated resource
- GDPR is a distraction from their main business
- They are not GDPR specialist and most do not understand it very well
- They need varying levels of help, month to month week to week
- Most do not need a DPO
We offer two levels of service
DPO as a Service (DPOaaS) for organisations who need a formal DPO, which covers the specific DPO responsibilities required by the GDPR and helps to enforce organisational responsibilities necessary for the DPO to operate effectively.
Data Security Owner (DSO) for organisations who don’t need a formal DPO but who do need help with GDPR.
What do I get
Please follow the links below for more information
DPO-as-a-Service – from £1,000 per month
Data Security Owner Service – from £750 per month