Data Protection Audit

Legally Trained Consultants

Our data protection audits are unique to each client

A big challenge for organisations is ensuring they have compliant data protection practices and procedures in place. If you do not employ, or have, information governance or data protection professionals in your organisation, it is likely that you have gaps and weaknesses in your compliance.

Before you can address any issues which may exist, you need to understand those gaps and issues. That’s where our data protection audit services come in. This will help you understand what is and isn’t working, what is and isn’t lawful, and encompass all the recommendations and actions which you need to take to improve your practices and be compliant with the law.

We provide thorough gap analyses, regardless of your size or your industry. You can take confidence in the fact that we undertake health checks on a routine basis, so we know what to look for, and we know how to present the information in an informative, yet digestible way.

We ensure that all our health checks are unique to each client, so you don’t feel like you are getting a template or a copy and pasted health check. We make sure we provide a deep dive into your organisations governance and practices to really see what is going on, and not just take a view from what we see from the surface. When we’re done, we will let you know all the gaps we found in our audit and what steps you can take to address them.

Project Showcase

We were commissioned by an organisation to undertake a deep dive into their current state of data protection compliance. They were a large organisation with a high staff count, various policies and procedures, as well as processing sensitive personal data on a large scale.

To properly undertake this health check, engagement was key. We met regularly with service leads and regular stakeholders to gain a better understanding of the organisation’s day-to-day practices. We reviewed their policies, procedures, data processing and sharing agreements as well as undertaking an enhanced data protection impact assessment of their main platforms.

At the end of the process, we were able to produce a detailed report highlighting the organisation’s compliance against the data protection legislation as well as their contracts with different organisations. We highlighted key areas of improvement where we felt they were short of compliance, and more importantly, offered advice and recommendations on how they could achieve it. We strongly believe that telling organisations on how they can improve is more important than telling them what they need to improve on.

When undertaking a health check, we undertake:

  • A review of your organisation’s structure to ensure that there are proper data protection roles and responsibilities in place;
  • A review of the processes in which you collect, capture and process data, including any further processing;
  • A review of your data protection/ information governance policy documentation;
  • A review of your fair processing materials;
  • A review of your record of processing activities and information asset registers;
  • A review of your data storage processes;
  • A review of your engagement with third party processors;
  • A review of your internal organisational information governance practices;
  • A review of your template forms, standard operating procedures (relevant to data protection); and
  • Specific aspects of compliance you are concerned about

For each area, we will undertake a comprehensive review to capture any strengths and weaknesses within your organisation, providing recommendations and outputs against each area for you to consider and take action on (as necessary).

To find out more, to get in touch, or to get a quote, please get in contact with us on how we can assist you and how we can provide a data protection health check for you.

Get in touch with us today to book a free 30 minute consultation and find out how we can support you achieve compliance.

Legally Trained Consultants

What we will check for in our health checks

We are here to assist:

Our Services

We provide a full data protection and information governance consultancy service to all our clients who engage with us. We provide flexible packages and services to make sure that you only pay for what you need, so you aren’t paying for unnecessary services. Whatever you and your organisation need, we are here to help.

Data Protection Consultancy

Data Protection Officer (DPO) Services

Data Protection Impact Assessment (DPIA)

External Independent Reviews

Data Protection Training

Fair Processing Materials

Data Protection Audit

Information Governance Policy Development

Data Security and Protection Toolkit (DSPT)

Record of Processing Activities (ROPA) & Information Asset Registers (IAR)

Packaged Services

Other Services

Incident Management

Send Us A Message