Do you know your top 3 data protection risks?

Get a clear view of how well your business complies with the UK General Data Protection Regulation, UK Data Protection Act, the Privacy and Electronic Communications Regulations and Data (Use and Access) Act. 

What is reviewed

• Lawful basis and data mapping
   
• Records of processing and accountability
   
• DPIAs and high-risk processing
   
• Data subj

Get a clear view of how well your business complies with the UK General Data Protection Regulation, UK Data Protection Act, the Privacy and Electronic Communications Regulations and Data (Use and Access) Act. 

What is reviewed

• Lawful basis and data mapping
   
• Records of processing and accountability
   
• DPIAs and high-risk processing
   
• Data subject rights handling
   
• Supplier contracts and data sharing
   
• Security and breach readiness
   
• Marketing, email, cookies, and PECR compliance
   

What you get

• A clear, written report on your current compliance position
   
• Where you are exposed to regulatory, contractual, or reputational risk
   
• What should be fixed first
   
• What could cause serious problems if left as it is
   

Everything is prioritised by risk, so you can act with confidence.

Available at various levels of support, if your audit shows gaps or you already know you're exposed, I step in to deliver an operational data protection framework focused on reducing risk and maximising opportunity.  

What is included 

• Data protection impact assessments including use of medical devices, CCTV, artificial intelligence and emp

Available at various levels of support, if your audit shows gaps or you already know you're exposed, I step in to deliver an operational data protection framework focused on reducing risk and maximising opportunity.  

What is included 

• Data protection impact assessments including use of medical devices, CCTV, artificial intelligence and employee monitoring
   
• Lawful basis and data mapping
   
• Policies, notices, and internal governance
   
• Data subject access request processes
   
• Personal data breach incident response and logging 

• Supplier due diligence including contracts and data sharing agreements
   
• PECR fixes: email/SMS marketing, cookies, consent models
   
• International data transfers

• Data sharing during mergers and acquisitions
   

You choose the level of support required and receive practical compliance. This is not a one-off policy service, it is designed to help you sustain and maintain compliance. 

For organisations where data protection risk is ongoing including multi-site clinics, clinic tech providers or any business handling large or sensitive datasets, this is long-term leadership for your data protection function.

What is included

• Ongoing compliance oversight and management of actions resulting from audits
   
• Incident and breach m

For organisations where data protection risk is ongoing including multi-site clinics, clinic tech providers or any business handling large or sensitive datasets, this is long-term leadership for your data protection function.

What is included

• Ongoing compliance oversight and management of actions resulting from audits
   
• Incident and breach management

• Detailed advice and support dealing with data subject requests and complaints
   
• Named as your Data Protection Officer on registration with the Information Commissioner's Office
   
• Reviews of new projects, systems, and suppliers and management of data protection actions & completion of data protection impact assessments
   
• PECR and marketing compliance monitoring
   
• Board-level reporting and risk advice
   

This is not ad-hoc support. It is embedded and ongoing data protection governance.