Many organisations are aware of GDPR (some aren’t) and realise that they need to do something about it, however they don’t feel that they have the staff resources or the financial freedom to have a full audit and then undertake a potentially large remediation plan.
If you are looking for something which ticks some of the boxes, tells you what you need to do as a priority and does a lot of the work for you all for less than the price of an audit, then kickstart is the solution.
The GDPR kickstart service is a cost effective and resource efficient way to achieve a level of GDPR compliance. There is no certification scheme for GDPR and therefore no such thing as absolute compliance. However, the Information Commissioner states that each organisation should take “adequate, and appropriate measures proportional to the risk”, and we believe that our service will for most small businesses provide a compliance state that meets these criteria.
The service is based around our successful Workbook GDPR Toolkit which you get as part of the package (RRP £600+vat). We help you fill in all the critical workbook tabs, help you amend your letters of engagement, advise on counterparty contracts giving you the relevant wording to add, and help you create/amend all your privacy notices along with looking at any marketing you do to ensure it is compliant. We can also provide the necessary staff awareness training through a workshop and other materials.
What You Get at The End of the Exercise
- Completion of the Record of Processing tab relevant to your business
- Verification and amendment of the Data Retention Schedule for records that are relevant to you
- Online privacy notice framework document with relevant content that can be used to create web page(s)
- Reviewed and annotated versions of up to three counterparty agreements to bring into line with GDPR
- Reviewed and annotated Data Protection elements of Employee contracts
- Counterparty contract clauses guidance document, referencing clauses and statements required to be inserted into processor agreements/contracts
- Technical and Organisational Security Measures (TOSM) Actions and recommendations document – showing tasks required from your business (or your 3rd parties) to complete all sections of the TOSM tab
- Help and education relating to completion of the rest of the workbook
- We also provide you with a ‘Statement of Compliance’ outlining the steps taken toward GDPR – you can post this on your website so your clients and others can see you are taking it seriously
As a side benefit your nominated resource will get some education around GDPR – this is critical for compliance as all organisations need to understand GDPR and not have it done to them.
The workbook provided al the templates, form and records you need for GDPR, including a full risk framework and DPIA guidance and workflow.
For full details on what is included with the workbook and toolkit go here.
Get in touch