Do you need a Data Protection Officer? Does that mean you have to employ someone for that role or does someone in the senior team have to take on this responsibility? Not necessarily. We are able to offer a Data Protection Officer Service. This can save you having to add someone to the payroll or take them away from their other duties.
You may anyway not need someone to be available for this 100% of their working day. So you can buy what you need from us, be it a day a week, or a day a month and/or a review and spot check policies and their implementation.
You will have a named, dedicated, qualified expert as your DPO. Most of the work will be done remotely, but on-site time can be arranged. This person will help to keep you compliant, conduct data protection audits, liaise with the ICO and data subjects on your behalf as well as assisting and advising on specific tasks which will inevitably come your way, such as Data Protection Impact Assessments, Data Subject Access Requests, staff training (a legal requirement) etc.
Our normal consulting charges are £200/hr + VAT. However, contact us to talk through what you need and we can bespoke and quote accordingly.
Some organisations are required by law to appoint a DPO; for example, those processing large volumes of special categories of data as defined under Article 9 of the GDPR. The data types are - health data, biometric data for the purpose of identification, genetic data, data concerning racial or ethnic origin, trade union membership, sexual orientation or sex life, political opinions, religious or philosophical beliefs. This will include many healthcare businesses, most GP practices as well as other sectors. However, the ICO recommend that you at least consider appointing a DPO in any case if you process personal data (which virtually all businesses do) and to document your rationale if you choose not to. Often it is seen as good practice to appoint a DPO in order to demonstrate to your customers and staff that you take data protection seriously.
Our team of Data Protection experts work across many sectors outside of the legal sector and also with businesses operating outside of the UK.
You can read in more detail about the DPO responsibilities and who needs to have one here: https://www.hunningsconsultancy.co.uk/what-does-a-dpo-do-who-needs-one/
If you don't want to appoint a DPO at this stage, but want advice & assistance on GDPR & Data Protection then talk to us. Book a free, no obligation chat.
General GDPR & Data Protection Support - this could be projects, reviews or general advice short of the appointment of a DPO
Training on GDPR & Data Protection - customised to your need
Training on Cyber Security and also support if needed. We can also recommend someone to assist you with obtaining Cyber Essentials, Cyber Essentials plus or IASME accreditation.
07887 524507 or [email protected]
Or fill in the form below
Listen to a brief podcast about these services:
Here are a few things our DPO does for our clients:
Johnny Nichols - COO at Keller Lenkner UK
"Nick has supported us through a period of rapid growth in clients, people, locations, products and systems. As for so many firms, data is at the heart of our legal work and we cannot afford to cavalier about compliance or security. He has guided us with the necessary expertise but it is his real life input that has enabled us to address data priorities in a pragmatic and effective manner. His guidance has enabled us to achieve Cyber Essentials and IASME certification as well as to navigate some of the conflicting dynamics between competing data rights. He is also a joy to work with and I recommend him wholeheartedly."
Vinod Kathuria - Clinical Director at Tula Medical Experts
"Nick has been a valued advisor since operations began at our company. In addition to helping us achieve the full certification we required, he provides continuing support. Dealing with sensitive data, our business has constantly changing needs. Nick is professional, responsive, friendly, and accommodating. Nick and his team have an understanding of and eye for commercial consequences, as well as a robust and up to date knowledge of data security and privacy regulations. This practical approach is invaluable to any business, ensuring compliance as well as good practice, both of which are increasingly important to clients and regulatory bodies alike."
"I was pleased and impressed by the work done by HCL in turning around within 3 working days our request for a review of our Privacy and Data Protection Policy. We wanted to ensure that it was up to date after Brexit and in general for it to be reviewed for compliance. HCL had their Data Protection Officer review it and he made suggestions which were helpfully done as tracked changes.
HCL where extremely knowledgeable and we are grateful to them for their help to create a robust policy for our organisation. Thank you HCL"