ABOUT OUR SERVICES
We offer a turnkey service to assist organisations comply with the requirements of the GDPR regulations. We know from our current clients that many organisations are unaware of their responsibilities and are confused by the jargon around GDPR. To address this, we have developed a GDPR Implementation Programme to ensure organisations meet their GDPR obligations. The programme is consultant-led. One of our experienced consultants will work with you to identify what actions need to be taken and draft all the required documentation, leaving you more time to manage your business.
WHO NEEDS THIS SERVICE
All organisations are likely to hold personal data, even if it is just details of their employees, and so needs to comply with the requirements of GDPR. This programme is particularly suited to small organisations and organisations who do not collect and process large amounts of personal data.
WHAT WE DO
Every project starts with a FREE face-to-face consultation, typically lasting 1 – 2 hours. Based on this consultation we will draw up a programme and associated costings which will be sent to you for approval. You are only committed to using and paying for our services once you accept the programme and costings.
Each programme is designed to match the individual needs of the organisation, but typically will include the following steps:
|STEP||WHAT WE DO|
|1. Personal Data Audit||Identify all personal data in use within the organisation, how it has been gathered, where it is stored and what it is used for. A Register of Personal Data Assets will be produced.
We will then identify the legitimate basis on which you hold the data and provide advice on appropriate actions if you a holding data for which there is not a legitimate basis under GDPR.
|2. Data Safeguarding||We will review your security and safeguarding arrangements for the data you hold and make recommendations on how it can be improved.|
|3. Third party processing||We will review your arrangements for third-party processing (e.g. wages processing, cloud backups) and carry out the necessary checks to determine whether the data is being appropriately safeguarded.|
|4. Privacy Notice||We will draft a Privacy Notice to explain what data you hold, the basis on which you hold it, the use you make of it and how the data is safeguarded|
|5. Procedures||We will draft procedures on how to address the exercise of individuals rights under the legislation, including:
– A data access request
– A request for erasure of data
– A request for correction of data
– An objection to the data being held or a request to restrict processing.
|6. Training||We can provide training for your staff in the desired format. This could include:
– The provision of training materials
– A training course
– On-line training
|7. Registration||We will review your registration with the Information Commissioners Office and ensure that it correctly reflects how you hold and process personal data.|
TIMEFRAME AND COSTS
This will vary, dependent upon the needs of the organisation. For a small organisation the costs would typically be in the range of £1,500 – £4,000 and the project would be completed within 6 weeks. A formal quotation and programme will be issued prior to the commencement of work
As with any piece of legislation, the interpretation of the legislation over time may change, based upon court judgements. In addition, every organisation will have changes in the data it holds and the use to which it is put. To assist organisations, we provide an on-going support package which ensures that you remain compliant to the requirements of the legislation. This is provided on the basis of a fixed annual fee. Further details can be provided upon request.
We have used Atlantic Consultants to maintain and improve our quality system for the past seven years and have found their assistance and input to be extremely informative and helpful. Their knowledge and understanding of the quality standards is extremely good and the help with carrying out internal audits and attending assessment audits is invaluable. read more
Atlantic Consultants have managed and carried out Internal Audits on our ISO systems for the past 17 years. This has enabled us to successfully retain our certification over this period of time, and also make the whole process painless!
Adrian helped us achieve ISO 9001 and 14001 in just over 4 months. His astute and systematic approach enabled him to extract the necessary information to develop and refine our business model to the necessary standards. Working with him was a thoroughly enjoyable experience – all our staff found his encouragement and leadership blended with sheer hard work to be an inspiration. Thanks Adrian – great job! read more