So now 25th May 2018 has passed, is there still anything left to address in GDPR?
Definitely! Most of our projects are still very focussed on GDPR and wider data protection and privacy considerations, to help keep organisations like yours safe and so that you can continue making the impact you do. Every project focusses on slightly difference areas but in general our services include:
GDPR readiness review – check work done so far and identify gaps to fill (this has been a major part of our work for over 18 months and shows no sign of slowing up). This includes a comprehensive high-level review plus helping with recommendations on cyber security, processes and procedures, data retention and processor contracts. We have special experience of faith-based charities, organisations using volunteers, and those fundraising and operating internationally.
Acting as an interim or part-time DPO – Some organisations are required by law to have a Data Protection Officer (“DPO”) and others want the comfort that comes from external qualified assistance. Realistically, for all but the largest organisations it is not cost-effective to employ your own DPO since it will not be a full-time role, they need to be independent of other departments and the investment in staying up to date with changing guidance is just too expensive. Using us as your external DPO makes sense from both governance and a financial standpoints.
Leveraging the work done for GDPR compliance – many organisations are building on the work done to help them deliver more impact and this is especially relevant if you are now communicating with fewer supporters, so you need to make sure your messages are relevant and personalised. This can lead to a governance review, work on supporter journeys and lifetime value.