GDPR Compliance and Ongoing Support
Many companies are yet to understand the compliance needs of GDPR. The regulation requires ALL entities to be fully compliant by not later than 25th May 2018. The regulations are clear and it takes only minutes to find out from us what your obligations are going to be in terms of compliance - please do get in touch to ask, the advice is free.
Nichcom provides a turnkey solution for GDPR compliance that can completely manage the process with you. We are accredited, we understand every aspect of the needs and we can quickly assess your level of compliance and the changes required within your company. As a part of our turnkey solution, we provide a full set of policies and guidelines, as well as actively managing the overall change management and implementation that you need.
Nichcom also acts as a follow Virtual Data Protection Officer for companies that need to comply but do not want the expense of training staff in this specialist expertise area, or perhaps do not want the administrative burden in-house. Depending on the nature of your business, you simply may not have a choice in the appointment of a DPO. That's certainly not to say that you cannot carry out the function in-house but if you are considering your options we can give you clear guidance on what you will need and make a proposal for our services as an operational and financial credible alternative.
Although GDPR is an EU regulation, it will affect ANY business worldwide that sells good or services, processes data or monitors natural persons within the EU. The regulation requires organisations worldwide to have a European representative where there is no presence of the organisation within the EU and we offer a service as get link Virtual GDPR Representative.
Whatever your needs, whether it's some quick advice, support for a part of your compliance, a turnkey solution, or ongoing representation as DPO - please get in touch for some clear initial advice for free.
GDPR Compliance and Virtual DPO Services
The GDPR makes it a requirement that organisations appoint a data protection officer (DPO) in some circumstances. The regulation also contains provisions about the tasks a DPO should carry out and the duties of the employer in respect of the DPO.
Under the GDPR, you must appoint a DPO if you:
- are a public authority (except for courts acting in their judicial capacity);
- carry out large scale systematic monitoring of individuals (for example, online behaviour tracking); or
- carry out large scale processing of special categories of data or data relating to criminal convictions and offences.
The definition of "large scale" will apply to a majority of organisations, as it does not mean the follow url amount of data being taken or processed, but whether measures such as data subjects being regionally spread geographically (which in most cases will apply).
You may appoint a single data protection officer to act for a group of companies or for a group of public authorities, taking into account their structure and size.
Any organisation is able to appoint a DPO. Regardless of whether the GDPR obliges you to appoint a DPO, you must ensure that your organisation has sufficient staff and skills to discharge your obligations under the GDPR.
Nichcom have Certified Data Protection Officers that can ensure that you continue to meet your obligations, as well as ensure that any further changes in legislation are quickly and easily communicated and incorporated into your compliance.
Non-Executive Board Support
Data Protection Officers are expected to report to the highest authority in an entity and in most cases that ought to be the Board.
Andy Brown, our founder, has a long history of interim C-Level roles including FTSE50 corporates (BT, EON, Lloyds Bank) as well as smaller publicly quoted companies. Knowing how to interact with a Board, give great advice and add value is the essence of a non-exec. We are ready to support your business, and a non-exec role is a credible adjunct to the DPO role.
We are happy to give some advice on the phone or by email. If there's a role for us that's great of course but you won't find us pressuring you through a sale process. We're here to help... it's a human thing.