Data Protection Compliance by Appetite

If processing personal data is the lifeblood of your organisation, then by now you will (hopefully) have what Americans might call call a “soup to nuts” compliance programme in place. Data protection regulations like GDPR and any other relevant international regimes emulating this gold standard will be front of mind in everything you do. If you’re really advanced, you’ll have come to see privacy best practices as a way to build trust and a competitive differentiator - and not just a way to avoid censure and fines.

But what if that all seems a bit, well, heavy? What do you do if you aren’t ready to dig into the full smorgasbord of what privacy leaders do spanning IT security, ethics, marketing, stakeholder relations and more?

The answer is data protection compliance by appetite.

At Trace, we know that not every organisation is ready for, or necessarily needs, the full menu of data protection services. When smaller, possibly start-up or scale-up organisations get quoted astronomical price-points from the bigger consultancies they rightly feel fed up. They may not have the budgets - or time - a full privacy programme requires, and so they often opt to do very little at all. Seeing this need for manageable options, we’ve made data protection compliance more easily digestible by making it bite-sized. 

It may be that your Privacy Notice and other documentation needs refreshing to reflect what you actually do with personal data today. Perhaps your staff need a good grounding in compliance, without having to be away from their core duties for days at a time. Or, it could be that you want to innovate in new areas, but are unsure of how to proceed and stay on the right side of the regulations. These are scenarios we help clients with every day.

Feel satisfied, not force-fed

To us, being client-centric means serving up the right thing at the right time. Customers select what they need from our extensive menu of services and can pay as they consume them. Why pay for a five-course meal when all you need right then is a snack?

Our “sprint” model illustrates perfectly. After a brief discovery session, we draw out priorities that will get your organisation to a far better place data protection-wise in just a few days. Some clients immediately want to build on this foundation, while others want to take a breather before coming back for more. We are happy either way. Pragmatic commercial sense, not just a passion for privacy best practice, underpins everything we do.

Our clients are free to pick and choose from a menu which includes:

• GDPR audits covering documentation, processes and people

• Data protection training from beginner to advanced level

• “Sprints” tailored for tech firms in regulated sectors like finance and medicine

• Producing Privacy Policies, Data Protection Impact Assessments, Processing Agreements and any other mandated paperwork you might need

• Outsourced Data Protection Officer services

• Data governance, ethical frameworks and Privacy by Design coaching

Our approach may be slightly unusual, but when it comes to their data protection programmes, we don’t see any merit in putting organisations off. 

Read some of our case studies to get a flavour of what have helped organisations just like yours achieve, in short timeframes and with contained costs. Or get in touch for an informal discussion of your needs.