Business Legal Services
Data Protection Health Check
Achieve compliance with UK GDPR and data protection laws with a clear action plan, training and support
If you process any personal data – for your employees, contractors or clients, you need to ensure you are not in breach of data protection rules.
Our data protection audit package is a quick and easy way to address your compliance needs. You’ll get a report identifying any shortcomings in your compliance, and access to jargon-busting training material for your staff.
Your data audit package
When it comes to data protection, there is no one-size fits all approach, you must implement measures and design a compliance programme that is proportionate and appropriate to your organisation. Our data protection health check package is the perfect starting point, helping your business address its obligations to comply with UK GDPR and data protection laws.
Data protection audit and gap analysis report
Our data protection audit will identify any shortcomings in your data processing and provide clear actions to correct them.
You will receive a gap analysis report which sets out our initial findings and suggested steps to help your company:
- Progress towards meeting current and future data protection requirements
- Safeguard personal data, data subjects, data processing and company reputation
- Strengthen its position with the ICO in the event of a complaint or an incident
Access to training materials
A key principle of UK GDPR is accountability. Ensuring your staff have appropriate training is one way to demonstrate compliance as well as helping to reduce your chances of a data breach.
Access 3 x 30 minute training videos covering:
- Foundations of data protection – some jargon busters and explanation of key principles and legislation
- Data Protection and Marketing – with a focus on consent and common data uses such as email marketing
- Data Protection and HR – key considerations around employee personal data from recruitment to health information
What we’ll do and when
- When you sign up for a data protection health check, we will introduce you to the senior data protection solicitor who will compile your gap analysis report.
- You will then be required to fill out a questionnaire regarding your current data protection practices and compliance, this will form the basis of the gap analysis report. If you have questions about how to complete the questionnaire, one of our legal assistants will be available to support you through this step (the package allows for 30 mins of legal assistant time, any extra time spent will be chargeable*).
- Once the questionnaire is completed, your assigned solicitor will compile your gap analysis report. We will aim to deliver this within one week of receiving your completed questionnaire.
- When the report is delivered you will also receive links for the three online training videos to share with your team.
- The package is delivered at a set price – five hours of solicitor’s time (not including any ‘extra’ time incurred*). You will be billed at the end of the month in which you receive the report.
What happens after you receive your report?
- You will now have a clear idea of what needs to be done and where your priorities lie to maintain compliance with UK GDPR and data protection laws.
- However, ideas are nothing without execution! We understand the logistical challenges your business may face whether that’s buy-in, upskilling, creating the right templates and policies, or developing processes.
- Our friendly team can provide a full range of follow-on services to support you and your business with data protection compliance.
We’re not like traditional law firms. To provide your business with flexible and affordable legal support, there are three different ways you can work with us: pay as you go and two subscriptions. Learn more about our service plans.
How much does the package cost?
One-off legal support for any business
Monthly subscription for start-ups and SMEs
Quarterly subscription for larger businesses
|Health check||£1,250||£625*||At your hourly rate|
Our data health check is the equivalent to five hours of legal support.
*minus any accrued inclusive support.
Data protection applies to all businesses
What happens if you get data protection wrong?
Data protection legislation applies to any information an organisation keeps on staff, customers and suppliers, and will likely inform many elements of business operations, from recruitment and HR, to sales, marketing or account management.
Businesses are operating in a data-centric world where personal data is the new ‘commodity’. If the ICO receive a complaint about your company they will investigate.
The resulting impact can include any of the following:
A drain on resources
Whether a claim has merit or not, your team will loose precious time evaluating and responding to any issues. This distracts from your business as usual and can affect your bottom line.
Preventing business operations
The ICO can take enforcement action which could significantly impact your business operationally, for example by banning the processing of data or suspending transfers.
Actions by ICO and court proceedings are in the public domain, so if you are found to have breached UK GDPR the damage to your organisation’s reputation could be long-reaching and signify a breakdown of trust with your customers/suppliers/employees.
Claims from private individuals
Individuals are more data protection savvy, meaning they understand their rights more. If a fault occurs, they can issue a private claim directly through the courts for compensation.
The UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover – whichever is greater – for severe infringements.
It’s important to note that directors can also be personally liable for data breaches or other data protection failures in some circumstances.
Data Protection Health Check
Gap analysis report
What are the benefits of a data protection audit?
An audit is your first step towards compliance, providing a bird’s eye view of what personal data your organisation is handling and where the key risks lie.
Please be aware, the audit alone will not guarantee compliance, you may need to action additional steps and require follow-up support to ensure full compliance.
UK GDPR imposes an accountability requirement on every business that controls or processes personal data. You must be able to show – on an ongoing basis – that you are meeting the requirements of UK GDPR. A data protection audit is one of the best ways to do this.
A clear action plan
We’ll highlight any pitfalls and use our experience to prioritise action points, providing practical recommendations specific to your business and data practices.
Help manage your data
With the company-wide review of data inherent in a data protection audit you will be able to identify what unnecessary data you hold and dispose of it in accordance with your data retention policy.
Rely on our expertise
As experts with a rare mix of technical legal knowledge and hands-on industry experience, you can rely on us to solve problems quickly and provide practical solutions.
Raise staff awareness
Your staff need to be aware of data protection rules and its impact on the way personal information should be treated.
Provide peace of mind
A comprehensive data protection compliance audit followed by implementation of any recommendations made by our auditor provides you with the peace of mind to know that you have taken all reasonable steps to comply with your obligations under UK GDPR.
To see the value our audit and gap analysis report will provide, we’ve created a sample for you to preview.
Why choose our data protection solicitors?
Let us reduce your risk so you can focus on what you’re good at: your business
Data protection compliance is rarely straightforward and can overwhelm some small and medium-sized businesses.
Our data protection solicitors are here to support your business, providing clear, jargon-free advice that allows you to maintain your business as usual effectively while complying with various data protection rules.
Our team has a rare mix of technical legal knowledge and hands-on industry experience. We have extensive experience gained at other top law firms, and crucially members of the team have worked in-house for large commercial organisations. So, we understand the practical difficulties businesses face in trying to meet their data protection obligations.
Find out more about the team here: