Data Compliance Services

Record Retention, GDPR/ePR, Legal Holds

Over-retention, Litigation exposure, Fines/investigation, Reputation

Dispose of ROT, Document review, Legacy Systems, Migrate to cloud

Easy to find and use information, Simpler processes, MI and business insight

• Better understanding of data flows and purposes help establish a baseline for data strategy implementation.

• Staff access data on need-to-know basis providing better protection

• Enhanced transparency requirements leads to an opportunity to build relationships and trust

• Stricter contractual requirements give better protection

• Greater oversight gives more control

• Enhancement made to applications to deliver GDPR obligations ensure applications are fit for the future and address past issues

• Belief and greater backing for your privacy programme

• Accountability to give Exec and Board comfort

• Increased awareness to drive culture of privacy by design

• Increased confidence from regulations

• Opportunities to win business if you can demonstrate you are a responsible data controller

• Increase volume of rights requests across all industries

• UK, rather than an EU phenomenon

• Increased demands on resources

• Can be exploited as part of legal or claims management tactics

• Verbal requests are valid

• Greater awareness of GDPR = greater complaints about GDPR

• Legitimate Interests for Marketing can confuse customers so needs clarity of explanation

• GDPR breach notification requirements mean greater attention on reviewing and understanding incidents to meet 72 hour deadline

• Decisions must be documented

• Need to ensure prompt notification, including from supply chain

• How can your organisation continuously evidence adherence to GDPR standards?

• How can you ensure your legally required records of processing are up to date?

• How can you ensure DPIAs are completed?

• How can you maintain governance to ensure appropriate oversight?