Interested in finding out more?

Request a call back
HomeSolutionsData Protection Advisory Service (DPO)

Solve the data protection officer challenge and stay on track for GDPR compliance

Finding and retaining a person with the right skills and expertise to advise on data-protection issues is a challenge. Equally, not all organisations will have enough work to keep a full-time, permanent DPO occupied.

Accessing the skills and knowledge you need as a service through Northdoor will help you address the compliance demands of the GDPR and remove the difficulty, cost and distraction of needing to find, employ and retain a permanent employee.

Tap into expert advice 

The Northdoor Data Protection Advisory Service is designed to help organisations rapidly and cost-effectively access the right expertise for helping address GDPR compliance. With this simple annual subscription – tailored to fit your specific requirements – Northdoor assigns an expert Data Protection Advisor to serve as an independent data protection specialist for your organisation.

To augment the Data Protection Advisory Service, Northdoor offers a range of complementary services, scoped according to your needs.

Click here to read more detail about the Data Protection Advisory service 

How to tell if you need a Data Protection Officer

Many companies are finding that there is a market shortage of individuals trained to handle the DPO’s responsibilities. Tapping into external expertise will help your organisation address the compliance demands of the GDPR while staying focused on your core business activities.

1. Your organisation is a public authority or body
In the UK, all government departments, agencies and other public bodies must appoint a DPO. This includes local councils: 15% of which have yet to appoint a DPO (ICO, March 2017).

2. Your core business activity is monitoring individuals regularly and systematically on a large scale
Surprisingly, this can include paying employees, providing standard IT support, email remarketing and location tracking through apps.

3. Your core business activity consists of processing large-scale special categories of personal data or data relating to criminal offences
GDPR defines ‘special categories of personal data’ as ethnic origin, political opinions, religious beliefs, physical and mental health (among others). If you process this type of data on a large scale, including data relating to criminal offences, you must appoint a DPO.

Click here or more information on “Do you need a DPO?

What is the Northdoor Data Protection Advisory Service?

With this annual subscription service, you can rapidly and cost-effectively access the expertise you need for addressing GDPR compliance.

Via a simple subscription, Northdoor provides an expert Data Protection Advisor as required to serve as an independent data protection specialist.

Your Advisor can assist with the implementation of privacy-by-design and data protection impact assessments, serve as the contact point for data protection authorities, and oversee data breach management and reporting.

Northdoor’s Data Protection Advisory service includes:

  • Advising on the implementation and outcomes of privacy-by-design and data protection impact assessments
  • Serving as the contact point for data protection authorities
  • Overseeing data breach management and reporting
  • Attending and providing updates at quarterly board meetings.

Northdoor’s decades of experience in the protection and governance of enterprise data have enabled us to build a comprehensive portfolio of services around the GDPR.

Our services are modular, highly adaptable and can be applied at all stages of any regulatory compliance programme.

                         Download PDF

Northdoor can provide the following related GDPR services:

  • Outlining a GDPR compliance programme based on findings from the GDPR Rapid Response program report.
  • Advising on data protection and information security matters pertaining to the GDPR.
  • Reviewing and advising on privacy policies, procedures and documentation.
  • Monitoring the collation of records of personal data processing operations.
  • Informing the training of staff involved in data processing operations.
  • Advising on data protection impact assessment (DPIA), their implementation and their outcomes.
  • Serving as the contact point for data protection authorities for all data protection issues.
  • Data breach management and reporting.
  • Serving as the contact point for data subjects on privacy matters, including subject access requests.

Contact us today to find out how we can help you