Targeted Data Protection Review

Are you confident that you can still demonstrate compliance with UK GDPR, PECR and the latest ICO and NCSC guidelines?

An external review gives that assurance, and especially when conducted by Nick Swain, who has such a track record of helping charities to stay safe and demonstrate compliance.

We offer a full Data Protection Review, but sometimes your needs, or your budget, require a more targeted approach; and so we are pleased to launch our new low-cost Targeted Data Protection Review.

The Targeted Data Protection Review is ideal for you if:

  • Things have changed – We could demonstrate compliance with GDPR in 2018 but our work, staff and systems have changed and so we need to check these areas again now.
  • Limited budget – We know that we need to demonstrate compliance but don’t have the budget for a full Data Protection Review, and so for now we just want help to focus on the highest priority areas.
  • Data Protection is just part of a role – The person managing data protection has other roles too, so we need the assurance of external help to check the highest priority areas are properly covered.
  • Identified risks – We are aware of particular risk areas, and we need the assurance of external help to make sure we are doing the things correctly.

The targeted Data Protection Review is still tied to the ICO’s Accountability Framework and guidance from the National Cyber Security Centre, but you can choose the areas that are most important to you (with our guidance if you like). This is how it works:

  • The entire review takes 1.5 days, normally split into 3 half-day sessions
  • For each half-day, there will be a 2-hour Zoom call (onsite is also available) preceded by us reviewing any relevant documents you have, and some follow-up
  • During each session, we will work through the topics in the order you have chosen, and you choose when we move to the next topic (expect to cover up to 5 topics across all the sessions)
  • We make notes and recommendations at the time, and these are sent to you at the end of each session

Whilst you are free to work on the recommendations yourself, we can also help with specific items on a fixed-price basis.

The benefits to you are:

  • This is a much lower cost option that then full Data Protection Review and is ideal where you just want to check on specific areas
  • You can choose the topics we look at from the list below, or suggest your own
  • You can invite any number of colleagues on to the Zoom calls

Topics can include:

  • Privacy Notice
  • Information Audit/RoPA
  • Signup forms
  • Lawful basis including consent
  • Cyber Security
  • Role of a DPO
  • Staff awareness and training
  • Special category data
  • Sharing data with other people and organisations
  • Overseas workers
  • Data protection for fundraisers
  • <your own specific questions

To get in touch and start a conversation, just use our contact page or book a free 20-minute insight call using the link (this will ask you to register for a free Zorva Extra account but it gives access to insight calls, free webinars, and more).