Events Industry GDPR - Radio Interview

18 June 2018

Brian was in with Dublin City FM last week recording an interview about GDPR with particular emphasis on how the new regulations will impact on the events industry.

Don't miss the interview - Sunday 24th June

Dublin City FM

Nationwide GDPR Seminars

30 May 2018

Alongside our partners at Invotech we have just finished up a nationwide tour of Ireland delivering seminars, answering questions and calming nerves on all things GDPR.

Our Data Protection Services

Advice, Audits & Consultancy

Policy & Notice Drafting

Data Protection Officer Services

Training & Awareness Courses

Under the new regulations all businesses must be able to demonstrate compliance with the new regime. A GDPR compliance audit is your first step to proving and ensuring compliance with the new regulations.

An audit consists of a thorough assessment of your current business operations and practises through a Data Protection lens. A typical audit for an SME involves a mix of on-site discovery and off-site work for report compilation and to prepare additional documentation.

An audit will entail:

  • Interviews with key personnel in order to gain insight as to the day to day operations regarding the flow of data and general security considerations etc.
  • Review of Human Resources policies, procedures & information processing
  • Review of IT Infrastructure including Desktops, Laptops, Phones, Networks, Email & General IT Security.
  • Review of services offered in order to understand where Personal Data can potentially enter and exit the organisation
  • Review of current Data Protection policies & practices
  • Review of 3rd Party involvement and other miscellaneous topics (e.g. IT Security, Staff Awareness)

Outputs of the audit will include:

  • A Gap analysis & recommendations report which will outline your business’ strengths and weaknesses regarding each relevant section of GDPR, along with recommendations on any work which may be required to achieve compliance.
  • A Data Inventory report which will identify all Personally Identifiable Information and where it is held. This inventory will be a vital part of your business’ ability to affectively deal with Data Access requests from both customers and staff.
  • 3rd party questionnaire & contract clauses which should be sent to all 3rd parties with whom your business discloses the Personal Information of staff and customers.

One of the first areas that the Data Protection Commission intends to enforce is around the principle of “transparency” and the “right to information”. In other words: “Are you informing your customers and staff of their Data Protection rights, and can you cope with requests to exercise those rights correctly”.

We can assist in the drafting of Data Protection polices and procedures for both External & Internal use. Internal examples will include procedures on handling access requests, how to deal with data breaches etc. The main external example is a new data protection notice relevant to your staff & customers which outlines their rights under GDPR as well as your business’ responsibilities and rationale behind retention periods, need for consent etc.An audit consists of a thorough assessment of your current business operations and practises through a Data Protection lens. A typical audit for an SME involves a mix of on-site discovery and off-site work for report compilation and to prepare additional documentation.

Bundle 1:

  • Customer Data Protection Notice
  • Staff Data Protection Notice

Bundle 2:

  • Customer Data Protection Notice
  • Staff Data Protection Notice
  • Internal Data Protection Policies & Procedures
  • 3rd Party Questionnaire & 3rd Party Contract Clauses (necessary if you disclose personal data to other parties)
  • Data Breach Incident Templates
  • Access Request Templates

The DPO performs a number of important tasks for a business, including (but not limited to):

  • Informing and advising the business and its staff of their data protection obligations
  • Monitors compliance with data protection law
  • Acting as a contact point for communications with the Data Protection Commission
  • Being the contact for all customer and staff related queries regarding the exercising of their GDPR rights

 
With the above tasks in mind, for either a monthly or a “pay as you go” fee structure, we can act as your business’ DPO. This will take the headache out of GDPR compliance by ensuring you will always have a data protection specialist to hand. This service is tailored to your organisation’s specific needs and may require more details in order to provide an appropriate service agreement for your needs.

We can provide a number of 1 or 2-hour workshops to all / any staff to get them up to speed on the new regulations and how they will affect their roles. Support materials will be provided as a matter of course.

Can’t recommend Mode 1 highly enough. They really are the experts in the GDPR field we were hoping to find and made the transition so much easier and as painless as possible for us. Mode 1 created our data protection policies for us after completing a two day audit of our business which helped us understand how GDPR was going to affect us and our customers. Brian also personally led two training sessions for our entire team which were really informative as the training was focused on our business sector. Brian was able to give us multiple real world examples of situations that we have and will face in the future and this really helped all my team to dispel many of the GDPR myths that were floating around.

James McNally James McNally

Brian and his team worked closely with us in the months leading up to the GDPR deadline and have provided us with the knowledge, materials and confidence to ensure that we are as prepared as possible for the 25th May deadline.

Andrew Masterson Andrew Masterson

Our Team

Let's chat about growing your business

Every organisation will have different levels of need and work to perform in order to achieve compliance. We’d be delighted to have a chat with you to show you how we can help your business. Unlike some, we won’t charge you for talking to us, so please feel free to get in touch either via the form or the contact details below. Thanks for visiting!