GDPR Radio Interview
18 June 2018
Brian was in with 103.2 Dublin City FM last week recording an interview about GDPR with particular emphasis on how the new regulations will impact on the events industry.
Listen in with the player for the full interview.
Nationwide GDPR Seminars
30 May 2018
Alongside our partners at Invotech we have just finished up a nationwide tour of Ireland delivering seminars, answering questions and calming nerves on all things GDPR.
Our Data Protection Services
Under the new regulations all businesses must be able to demonstrate compliance with the new regime. A GDPR compliance audit is your first step to proving and ensuring compliance with the new regulations.
An audit consists of a thorough assessment of your current business operations and practises through a Data Protection lens. A typical audit for an SME involves a mix of on-site discovery and off-site work for report compilation and to prepare additional documentation.
An audit will entail:
- Interviews with key personnel in order to gain insight as to the day to day operations regarding the flow of data and general security considerations etc.
- Review of Human Resources policies, procedures & information processing
- Review of IT Infrastructure including Desktops, Laptops, Phones, Networks, Email & General IT Security.
- Review of services offered in order to understand where Personal Data can potentially enter and exit the organisation
- Review of current Data Protection policies & practices
- Review of 3rd Party involvement and other miscellaneous topics (e.g. IT Security, Staff Awareness)
Outputs of the audit will include:
- A Gap analysis & recommendations report which will outline your business’ strengths and weaknesses regarding each relevant section of GDPR, along with recommendations on any work which may be required to achieve compliance.
- A Data Inventory report which will identify all Personally Identifiable Information and where it is held. This inventory will be a vital part of your business’ ability to affectively deal with Data Access requests from both customers and staff.
- 3rd party questionnaire & contract clauses which should be sent to all 3rd parties with whom your business discloses the Personal Information of staff and customers.
Audits typically start from €800 (ex VAT)
One of the first areas that the Data Protection Commission intends to enforce is around the principle of “transparency” and the “right to information”. In other words: “Are you informing your customers and staff of their Data Protection rights, and can you cope with requests to exercise those rights correctly”.
We can assist in the drafting of Data Protection polices and procedures for both External & Internal use. Internal examples will include procedures on handling access requests, how to deal with data breaches etc. The main external example is a new data protection notice relevant to your staff & customers which outlines their rights under GDPR as well as your business’ responsibilities and rationale behind retention periods, need for consent etc.An audit consists of a thorough assessment of your current business operations and practises through a Data Protection lens. A typical audit for an SME involves a mix of on-site discovery and off-site work for report compilation and to prepare additional documentation.
Typical Policies & Notices include:
- Customer Data Protection Notice
- Staff Data Protection Notice
- Internal Data Protection Policies & Procedures
- 3rd Party Questionnaire & 3rd Party Contract Clauses (necessary if you disclose personal data to other parties)
- Data Breach Incident Templates
- Access Request Templates
Policy & Notice Drafting from €300 (ex VAT)
The DPO performs a number of important tasks for a business, including (but not limited to):
- Informing and advising the business and its staff of their data protection obligations
- Monitors compliance with data protection law
- Acting as a contact point for communications with the Data Protection Commission
- Being the contact for all customer and staff related queries regarding the exercising of their GDPR rights
With the above tasks in mind, for either a monthly or a “pay as you go” fee structure, we can act as your business’ DPO. This will take the headache out of GDPR compliance by ensuring you will always have a data protection specialist to hand. This service is tailored to your organisation’s specific needs and may require more details in order to provide an appropriate service agreement for your needs.
Formal DPO service from €300 per month (ex VAT)
Informal DPO – pricing based on requirements
We can provide a number of 1 or 2-hour workshops to all / any staff to get them up to speed on the new regulations and how they will affect their roles. Support materials will be provided as a matter of course.
Pricing varies depending on your requirements but will always be competitive
Can’t recommend Mode 1 highly enough. They really are the experts in the GDPR field we were hoping to find and made the transition so much easier and as painless as possible for us. Mode 1 created our data protection policies for us after completing a two day audit of our business which helped us understand how GDPR was going to affect us and our customers. Brian also personally led two training sessions for our entire team which were really informative as the training was focused on our business sector. Brian was able to give us multiple real world examples of situations that we have and will face in the future and this really helped all my team to dispel many of the GDPR myths that were floating around.
Mode 1 gave our GDPR workshops (5 in total) to our client base. The feedback we got from our clients was excellent. They are professional and at the same time entertaining in presenting this important material. I rate them highly in their knowledge of data protection issues