The General Data Protection Regulation 2016 takes effect in the UK and Europe in May 2018. The new regime is not only more onerous but will also carry the risk of hugely increased fines - up to Euro 20m or 4% of annual worldwide turnover, whichever is greater.

So how can organisations best prepare for the new rules?

At Wellers we have designed a practical approach to this issue. We offer a legal audit, designed to provide a full legal assessment, helping you to control the risks for your organisation. This process assesses both day-to-day and longer-term risks and includes an examination of:

  • The different types of data you hold
  • What happens to that data in your organisation
  • Where the biggest risks for non-compliance are
  • How to achieve compliance in a way that is appropriate, proportionate and cost effective for your organisation

Once we assess the extent to which you comply with the rules, we deliver a user-friendly report identifying what you need to do against a clear Red/Amber/Green warning system.

This approach enables you to spot the most urgent corrective action you need to take to minimise the risk of serious breaches by your organisation. It also highlights other steps you ought to take so that systems and controls can be put in place to reduce the risk of serious failures.

Tailored to your needs

Our service can be tailored to suit your budget and requirements, whether you are a business or a charity, and can focus on the aspects of your organisation where you believe you are most vulnerable to risk. The report will be objective and practical to give you a full picture of the current state of your data compliance and the actions you may need to take.

Through the Wellers Data Audit service your organisation will:

  • Gain an understanding of all the different types of data it holds – surprisingly, most organisations don’t know!
  • Understand what happens to that data and how it is processed throughout the organisation
  • Identify the areas where compliance with data protection laws is weakest (if any) including an in-depth analysis of marketing practices (if required)
  • Receive an analysis of transfers of data outside the UK and worldwide generally – there are rules which affect this, so it is crucial to understand these patterns
  • Identify where there are policy gaps in your organisation affecting data use
  • Obtain policies which are necessary for compliance together with advice on how to use/implement those policies
  • Receive advice on new data protection rules and how to comply with them
  • Receive advice on the appointment of a data protection officer and on privacy impact assessments
  • Receive assistance with a data breach response plan
  • Receive training for all staff on data protection requirements, to create a compliant culture which also significantly reduces the risk of failure
  • Receive assistance in making data protection compliance a value-add in terms of customer/supplier/employee trust in your organisation
  • Receive advice on handling failures if they arise and on minimising your reputational damage if there is a serious failure such as a cyber-attack
  • Receive advice on dealing with customers/individuals if their data is leaked and on approaching the regulator

Please contact Natalie Wood on 020 7481 2422 or email natalie.wood@wellerslawgroup.com for more information on our data health-check service.