OneSpan Consults provides a comprehensive range of data protection consultancy expertise to complement our outsourced DPO Representation services. Our consultants bring a fresh perspective to your data protection compliance and help you to understand your data landscape and the steps you need to take to comply with data protection laws.
Our consultancy services are provided by experienced Data Protection Professionals and tailored to your organisation’s specific needs. They are backed up by the shared best practice across our large team and the comprehensive model documentation library that has been developed based on the experience we have gained from working with a varied range of organisations.
The Data Protection Team delivers a wide range of data protection consultancy services that we adapt to your organisation’s specific needs. Our Data Protection Services include among others the following;
Compiling an Information Asset Register and Data Mapping
-
The Data Protection Team will be responsible for ensuring the data protection process.
- Identifying the personal data an organisation is responsible for either as a Data Controller or as a Data Processor
- Where the data originates and where it is stored
- Where and why the data is held and how it is used
- The category, volume and “risk” level associated with the data
- Who is responsible for managing the data?
Policy Drafting and Review
- Privacy and cookie policies
- General data protection policy
- Informed consent forms
- Retention policy and schedules
- Various employee handbook policies
Records of Processing Activity (RoPA)
-
- Preparing and maintaining your RoPA
- Identifying the lawful basis upon which personal data is processed
- How, why and with whom data is shared
- Who has access to the data and why
- The technical and organisational measures used to protect the data
- How long data is retained and how it is deleted
Impact Assessments and Gap Analysis
- Reviewing the risks associated with how personal data is processed
- Conducting Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs)
- Conducting Legitimate Interest Assessments (LIAs)
- Identifying gaps between current practice and best practice
