image

GDPR & Data Governance

In today’s business world, organisations must demonstrate accountability and provide evidence of their understanding and mitigation of data processing risks. GDPR compliance requires various intricate, time-consuming, and continually increasing difficulties. It is critical to put in place appropriate technological and organizational measures that are examined regularly. The GDPR should not be thought of as a delegated checkbox exercise. The Information Commissioner’s Office (ICO) has underlined the importance of creating a “culture of accountability,” which requires the highest management level to be accountable for GDPR compliance throughout the organization. Forti5 is well-equipped to provide efficient, enterprise-level services that can be customized to your unique requirements and budget, saving you significant time and money.

AFFORDABLE, TIME-SAVING GDPR SERVICES

Call or send us a request. We are on hand to have an initial chat about your concerns or requirements.

Audit and Road Map to Compliance

We offer a service in which we will audit the organisation for the implementation of the Data Protection Act 2018 as described in the ICO’s Data Protection Accountability Framework. The audit will also review the application of the Privacy and Electronic Communications (EC Directive) Regulations (PECR) 2003.

The output from the audit is a report on the findings from the audit, including evidence of good practice, non-conformities, and the remediation required, along with a roadmap to guide the organisation to comply with the DPA2018 and PECR.

If you want to know more about this service, speak to our data protection expert Carl, at carl.wills@forti5.tech

DPO Bureau Service

WE offer a DPO Bureau service for organisations that do not need a full-time Data Protection office. Bureau service will provide support for the data protection lead (DPL) within the organisation. Forti5 Technologies will provide support in data protection issues, including:

  • Keeping the DPL up to date with changes in legislation, ICO rulings, and practices in data protection.
  • Implementation of data protection by design and default.
    • Updating policies and procedures to reflect changes in legislation, ICO rulings, and practices in data protection.
    • Supporting the DPL in completing
      • Process flows, IAR and the RoPA.
      • Data Protection Impact Assessments.
      • Legitimate Interest Assessment (Balance test).
      • Data Subject Access request.
      • Breach reporting.
  • Reporting on risk and compliance to the board.
  • Developing an internal audit programme

If you want to know more about this service, speak to our data protection expert, Carl, at carl.wills@forti5.tech

 

Charities and Not-For-Profit organisations.

Our experience has shown that for some charities and not-for-profit organisations, their data protection compliance journey has never really started or was haphazard in its implementation. Where this is the case, the cost of an audit is not the best use of limited funds, and what they need is to rebuild from the foundations upward, putting in place privacy by design and default.

To help charities reduce the cost, given that many charities are money-poor, but people-rich,

we offer a service in which we work with the charity to define a road map, their journey towards compliance. We then put the road map onto our online tracker. The charity, under our supervision, and supported by our guidance note and videos, implements the roadmap. We will review the work to ensure that it is compliant with the legislation.

If you want to know more about this service, speak to our data protection expert, Carl, at carl.wills@forti5.tech

SERVICES BLOGS

3rd Party GDPR Audit.
Why do we need a Privacy Notice?
Why are documented GDPR processes necessary when selling a business?