Business Legal Services
Data Protection Health Check
Achieve compliance with UK GDPR and data protection laws with a clear action plan, training and support
If you process any personal data – for your employees, contractors or clients, you need to ensure you are not in breach of data protection rules.
Our data protection audit package is a quick and easy way to address your compliance needs. You’ll get a report identifying any shortcomings in your compliance, and access to jargon-busting training material for your staff.
Your data audit package
When it comes to data protection, there is no one-size fits all approach, you must implement measures and design a compliance programme that is proportionate and appropriate to your organisation. Our data protection health check package is the perfect starting point, helping your business address its obligations to comply with UK GDPR and data protection laws.
Data protection audit and gap analysis report
Our data protection audit will identify any shortcomings in your data processing and provide clear actions to correct them.
You will receive a gap analysis report which sets out our initial findings and suggested steps to help your company:
- Progress towards meeting current and future data protection requirements
- Safeguard personal data, data subjects, data processing and company reputation
- Manage external and internal data risks including marketing communications, your employees and HR
- Strengthen its position with the ICO in the event of a complaint or an incident
Your report will be ‘legally privileged’, meaning that it will remain confidential to you and your organisation.
Access to training materials
A key principle of UK GDPR is accountability. Ensuring your staff have appropriate training is one way to demonstrate compliance as well as helping to reduce your chances of a data breach.
Access three training videos covering:
- Data protection training for all employees – key issues that all employees need to know about their information handling responsibilities and data protection
- Data protection and marketing – covering consent, cookies and common data uses such as email marketing
- Data protection for employers – key considerations around employer responsibilities and employee information
What we’ll do and when
- When you sign up for a data protection health check, you will be introduced to one of our senior data protection solicitors who will be compiling your gap analysis report. At this point, you will receive access to the training videos and a questionnaire for you to complete.
- You will then be required to complete the questionnaire regarding your organisation’s current data protection practices and compliance, which will form the basis of the gap analysis report. We include a Q&A video walkthrough, which provides guidance on how to complete the questionnaire.
- Once we receive your completed questionnaire, your assigned solicitor will compile your gap analysis report. We will aim to deliver this within one week of receiving your completed questionnaire.
- The package is delivered at a set price – five hours of a solicitor’s time. You will be invoiced for this at the time of instruction.
What happens after you receive your report?
- You will now have a clear idea of what needs to be done and where your priorities lie to maintain compliance with UK GDPR and data protection laws.
- However, ideas are nothing without execution! We understand the logistical challenges your business may face whether that’s buy-in, upskilling, creating the right templates and policies, or developing processes.
- Our friendly team can provide a full range of follow-on services to support you and your business with data protection compliance.
We’re not like traditional law firms. To provide your business with flexible and affordable legal support, there are three different ways you can work with us: pay as you go and two subscriptions. Learn more about our service plans.
How much does the package cost?
One-off legal support for any business
Monthly subscription for start-ups and SMEs
Quarterly subscription for larger businesses
|Health check||£1,250||£625*||At your hourly rate|
Our data health check is the equivalent to five hours of legal support. The costs listed above exclusive of VAT.
*minus any accrued inclusive support.
Data protection applies to all businesses
What happens if you get data protection wrong?
Data protection legislation applies to any information an organisation keeps on staff, customers and suppliers, and will likely inform many elements of business operations, from recruitment and HR, to sales, marketing or account management.
Businesses are operating in a data-centric world where personal data is the new ‘commodity’. If the ICO receive a complaint about your company they will investigate.
The resulting impact can include any of the following:
A drain on resources
Whether a claim has merit or not, your team will loose precious time evaluating and responding to any issues. This distracts from your business as usual and can affect your bottom line.
Preventing business operations
The ICO can take enforcement action which could significantly impact your business operationally, for example by banning the processing of data or suspending transfers.
Actions by ICO and court proceedings are in the public domain, so if you are found to have breached UK GDPR the damage to your organisation’s reputation could be long-reaching and signify a breakdown of trust with your customers/suppliers/employees.
Claims from private individuals
Individuals are more data protection savvy, meaning they understand their rights more. If a fault occurs, they can issue a private claim directly through the courts for compensation.
The UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover – whichever is greater – for severe infringements.
It’s important to note that directors can also be personally liable for data breaches or other data protection failures in some circumstances.
Data Protection Health Check
Gap analysis report
What are the benefits of a data protection audit?
An audit is your first step towards compliance, providing a bird’s eye view of what personal data your organisation is handling and where the key risks lie.
Please be aware, the audit alone will not guarantee compliance, you may need to action additional steps and require follow-up support to ensure full compliance.
UK GDPR imposes an accountability requirement on every business that controls or processes personal data. You must be able to show – on an ongoing basis – that you are meeting the requirements of UK GDPR. A data protection audit is one of the best ways to do this.
A clear action plan
We’ll highlight any pitfalls and use our experience to prioritise action points, providing practical recommendations specific to your business and data practices.
Help manage your data
With the company-wide review of data inherent in a data protection audit you will be able to identify what unnecessary data you hold and dispose of it in accordance with your data retention policy.
Rely on our expertise
As experts with a rare mix of technical legal knowledge and hands-on industry experience, you can rely on us to solve problems quickly and provide practical solutions.
Raise staff awareness
Your staff need to be aware of data protection rules and its impact on the way personal information should be treated.
Provide peace of mind
A comprehensive data protection compliance audit followed by implementation of any recommendations made by our auditor provides you with the peace of mind to know that you have taken all reasonable steps to comply with your obligations under UK GDPR.
To see the value our audit and gap analysis report will provide, we’ve created a sample for you to preview.
Why choose our data protection solicitors?
Let us reduce your risk so you can focus on what you’re good at: your business
Data protection compliance is rarely straightforward and can overwhelm some small and medium-sized businesses.
Our data protection solicitors are here to support your business, providing clear, jargon-free advice that allows you to maintain your business as usual effectively while complying with various data protection rules.
Our team has a rare mix of technical legal knowledge and hands-on industry experience. We have extensive experience gained at other top law firms, and crucially members of the team have worked in-house for large commercial organisations. So, we understand the practical difficulties businesses face in trying to meet their data protection obligations.
Find out more about the team here: