Managing Regulatory Change

We are becoming a more connected, global community that is sharing information in ways and places never previously envisaged.  Organisations are moving on-line to deliver services, reaching a global audience with more employees working remotely.  To keep pace with these changes privacy & data protection regulation is being updated. 

This presents organisations with a challenge.  Failure to comply increases risk, with the potential financial and regulatory impact.  Keeping abreast of regulatory change, while manging internal compliance activity is a non-stop task for those with dedicated data protection resource.  For those organisations without dedicated resource it is even more of a challenge, as the risks remain. 

This is where we can help.  Our readiness assessments allow you to quickly understand the impacts of regulatory change, giving you the confidence that it is being appropriately addressed.

Services

POPIA Readiness
Age Appropriate Design Readiness
Direct Marketing Readiness
DP Assure
POPIA Readiness

POPIA Readiness

 

On 1 July 2020 POPIA, the new South African data protection law, came into effect.  This will apply to all organisations that are established in the country or are processing personal information on individuals in South Africa.  POPIA will come into force on 1 July 2021, giving organisation’s the intervening period to ensure they are compliant.

 

For organisations that deliver services from South Africa, you will not only have to comply with POPIA, but also the data protection law in the country into which you are providing services, making this a more complex activity. 

 

Our POPIA readiness assessment will provide you with:

 

  • An understanding of the impacts POPIA will have on your organisation;
  • A gap analysis between your current practices, POPIA and other relevant data protection regulation;
  • A set of prioritised recommendations to drive compliance
  • An action plan to achieve compliance.

This work will provide you with the confidence that your organisation is taking appropriate action to comply with relevant data protection laws.

Age Appropriate Design Readiness

Age Appropriate Design Readiness

 

In an increasingly digital world, there is a need to proactively safeguard children.  In response to this the ICO have recently submitted a new age appropriate design code of practice to parliament in the UK for approval.  This will become a statutory code, covering any organisation providing information society services to children, giving them 12 months to comply.

 

Contained within the code are 15 flexible design standards, aimed at ensuring on-line services safeguard children’s data.  As this is a statutory code any organisation failing to comply may face fines or regulatory action.

 

Although not yet in effect, we would strongly advise any organisation providing on-line services to children, to start considering the impacts now.

 

To help understand the implications of the code we have developed a readiness assessment that examines the implications of the new code. This will provide you with:

 

  • A gap analysis between your current practices and the 15 design standards;
  • A set of prioritised recommendations to address compliance with the code;
  • An action plan to achieve compliance.

This work will provide you with the confidence that all aspects of the age appropriate design code have been addressed across your organisation    

Direct Marketing Readiness

Direct Marketing Readiness

 

The ICO have published a draft direct marketing code of practice that will come into effect in the coming months.  This provides guidance to the direct marketing community as to how they should be complying with both GDPR and the Privacy and Electronic Communications Regulation (PECR).  As a statutory code, organisations will be required to follow the guidelines or face the implications of non-compliance – fines or regulatory action.

 

While the code has not yet come into effect, there are no new regulatory requirements within it.  We recommend organisations act now to understand the implications.  There will be impacts across the direct marketing ecosystem and giving yourself time to comply will be beneficial.

 

Our readiness assessment will provide you with:

 

  • A gap analysis between current practices and the guidance provided in the code;
  • A set of prioritised recommendations to address compliance with the code:
  • An action plan to achieve compliance.

This work will provide you with the confidence that your organisation has understood and acted upon the relevant requirements laid out in the direct marketing code of practice.

DP Assure

DP Assure

 

We created DP Assure as a serviced based approach to providing privacy & data protection advice to our clients.  Our aim is to be an extension of your team, acting as a trusted advisor.  By getting to know you, we will be in a better position to offer you pertinent and timely advice.

 

As part of the service we provide advice on regulatory change.  We will already have gotten to know your organisation, putting us in a unique position to offer relevant, targeted advice & recommendations to achieve compliance.  This is an alternative approach to conventional consulting, providing you with a cost effective approach to addressing regulatory change.

 

If this sounds interesting, see DP Assure for more information

Scroll to Top