DPA 2018 Compliance Consultancy

The United Kingdom (UK) Data Protection Act 2018 establishes a minimum baseline for companies to ensure the protection of the information they process and give legal rights to people who have information stored about them. It sets new standards for protecting general data, in accordance with the GDPR, giving people more control over the use of their data.

The DPA 2018 applies to Personal Data and Sensitive Personal Data (also known as Special Category Data) which establishes guidelines that all UK companies should adopt for processing, storing and transmitting this information.

The regulation establishes objectives for ensuring the data is collected and used fairly, relevant and used only for the purpose it was collected, kept up to date and only for the length of time it was needed for and not transferred outside of the EEA unless the country has a suitable data protection law.  Above all, businesses must provide an appropriate level of security to ensure the protection of this data.

Compliance to this legislation, while mandatory, can be difficult however, as the DPA 2018 does not establish any specific controls or even a general level of security for businesses to implement.  Your business needs to design a framework conducive to adequately protecting the data based on its sensitivity.

The framework you design needs to be simple, effective and appropriate to the sensitivity of the data and documented in order to stand as proof of due diligence in the event you have a problem.  Above all, it should be based on common sense.  Risk Crew can help you design and execute such a program.  Additionally, we can deliver:

  • DPO on Demand
  • DPA 2018 Gap Analysis
  • DPA 2018 Compliance Policies and Procedures
  • DPA 2018 Compliance Project Management
  • DPA 2018 Compliance Checklists
  • Privacy Impact Assessment (PIA)
  • Data Classification and Marking Schemes
  • DPA 2018 Support Consulting
  • DPA 2018 Security Awareness Training
  • DPA 2018 Pre-Auditing

Risk Crew DPA 2018 Compliance Consultants can assist you with virtually any data protection requirement you may have.  Each service is scoped to meet your requirement as cost-effectively as possible.  Our experienced consultants hold Data Protection Practitioner certificate as well as ISACA CISSP, CISM and CRISC certifications ensuring they consider and address your business objectives throughout the service.

Put us to work for you today.

For flat fee pricing structure and full service level agreements detailing service specifications, scope and deliverables for any of the above services or to place an order, contact Risk Crew.