General Data Protection Regulation
Want to meet your compliance obligations and build customer trust?
Our experienced GDPR consultants can help.
How our GDPR Consultants can help you
Our team of experienced GDPR consultants can help your organisation assess your GDPR compliance position and develop a roadmap to implementing a data compliance framework. Whether you are an SME, multinational, charity or public sector organisation, we can tailor our GDPR consultancy services to your needs.
Our GDPR Consultancy services include:
- General Data Protection Consultancy
- Development of Policies and Procedures
- BS 10012 (Personal Information Management) Certification
- Data Protection Impact Assessments (DPIAs)
- GDPR & Data Protection Training Services
- Development, Issue and Review of Supplier (Processor) Security Questionnaires
- GDPR Gap Analysis
- Creating Records of Processing
- Development of Privacy Notices
- Supplier (Processor) Auditing
- Legitimate Interest Assessments (LIAs)
- GDPR Audits (which can be integrated with the client’s existing audit plans, e.g. ISO 27001)
An independent and objective review
GDPR Audit & Gap Analysis
Our knowledgeable data protection consultants have conducted an extensive number of GDPR Audits and Gap Assessments for our clients. The GDPR Audit / Gap Analysis would typically include:
- Submission of briefing notes and initial GDPR data capture document required for GDPR interviews
- GDPR interviews that establish existing processes, practices and controls in place for personal data and compare these against GDPR requirements
- Production of a summary report detailing findings and recommendations along with an associated GDPR Action Plan
- Recommendations presented to the senior management team upon completion
What happens next?
Ongoing support and implementation
Upon completion of the GDPR Audit or Gap Analysis, Teamwork’s data protection consultants can provide ongoing consultancy support to assist your organisation in prioritising and implementing the improvement recommendations and creating any associated documentation. We can also integrate our GDPR consultancy services with other compliance or certification requirements, e.g. ISO 27001, ISO 27701, and Managed Compliance Services.
Our other information standards
Information security compliance (ISO 27701 & ISO 27001)
Are you considering implementing a GDPR Compliance Programme alongside other certification standards such as ISO 27701 (Privacy Certification) or ISO 27001 (Information Security)? Do you already have certification to other ISO Standards and want to integrate GDPR or Data Protection requirements with them? Teamwork IMS GDPR consultants specialise in this combined approach, that is, implementing Integrated Management Systems.
For organisations that need to achieve two or more standards, there are significant advantages in implementing these standards in parallel rather than taking a phased approach; in particular, the internal and external incremental costs can be significantly reduced. There are also significant resource economies to be achieved with projects addressing multiple standards, e.g. one gap analysis, one implementation programme, less potential for duplication and more effective integration of your management systems. Maintenance of an integrated management system is also more efficient in terms of audits, management review, documentation, and continued assessment.
Other Privacy and Information Standards
ISO 27701 & ISO 27001
ISO/IEC 27701 is a privacy extension to ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Security Controls. The Standard provides a framework for ensuring the appropriate protection and management of personal information and assists in demonstrating an ongoing commitment to compliance with privacy regulations around the world, including GDPR.
Teamwork ISO 27701 / GDPR consultants will conduct reviews of your current level of compliance, including current data protection and information security policies, procedures and practices within your organisation and examine their effectiveness.
Teamwork can then help your organisation to implement an ISO 27701 compliant privacy information management system ensuring the selection of adequate and proportionate data protection controls which support your organisation in the protection of the privacy of existing and potential customers, staff and any other applicable data subjects.
Why choose Teamwork IMS?
Data Protection Specialists
Since 2007, Teamwork has been instilling absolute quality into the delivery processes of a huge range of organisations, from SMEs to large corporates. Our team of data protection professionals (including CISSP, PCI Security Standards Council QSA, MBCI, GDPR, IEMA, ESOS and CMIOSH qualified consultants) have developed and led UKAS accredited ISO and other standards-based service improvement programmes for private and public-sector organisations across the UK, EMEA, US and beyond, in businesses of 5 to over 20,000 people.
Our knowledge and experience across a broad base of management and technical Standards make us uniquely equipped to help organisations to develop GDPR compliance programmes and integrate with existing management systems to achieve all the associated economies and efficiencies in the system design, implementation and maintenance.
This experience, and the huge success of both the project delivery and maintenance phases of our standards-based practices, has been firmly based on two key principles: the ability of Teamwork consultants to look beyond the standard or legislation in question and identify, define and align with the real business drivers of our customers, and our innate ability to become one with our customers’ own management teams.
Who have we helped achieve GDPR and Data Protection Compliance?
Our team of experienced GDPR & Data Protection consultants have helped an extensive array of organisations with their GDPR Compliance programmes as part of a standalone GDPR compliance project or alongside other ISO and information security standards such as Cyber Essentials and ISO 27001. These organisations range from SMEs to large corporates as well as public and charitable organisations. To see some of our GDPR & Data Protection clients, please visit our ‘Clients’ page.