Our expertise, on call, whenever you need it.
We are honoured to be trusted advisors for many of our clients who reach out to us with any query, large or small. Can we offer a helping hand?
What can we offer?
Data Security Protection Toolkit (DSPT) audit and assistance
The DSPT is a self-reporting tool that all organisations with access to NHS data must complete. The deadline for the next submission is the same date by which Caldicott Guardians should be in place – 30th June 2023.
At BLS Stay Compliant, we have years of experience in completing the DSPT and can guide your submission, provide a pre-submission audit and check your content follows the required framework.
GDPR or Data Protection Audits
The Information Commissioner’s Office (ICO) has the power to – and regularly does – audit any organisation to test data protection compliance. Our experts can conduct a thorough audit of your compliance with legislation and your physical security, providing recommendations where necessary.
Subject Access Request Management
Dealing with subject access requests can be a time-consuming and labour-intensive task, and is also time-sensitive under data protection legislation.
BLS Stay Compliant can guide your organisation in responding to a SAR and can aid in setting up adequate practices should you receive one, including how to recognise a valid SAR.
Incident and Data Breach Management
No organisation is immune to a data breach and the consequences – and subsequent workload – can be extensive. BLS Stay Compliant are well versed in handling data breach incidents and can also help ensure measures are put in place to prevent future breaches.
If your organisation has suffered a data breach, it is absolutely vital that you do not delay in managing it.
Physical Security Audits
A dedicated and intrusive examination of your physical security arrangements to identify and address weaknesses and vulnerabilities in the environment where your data is stored, and to assess the effectiveness of your processes and security.
Policy writing and reviews
Many organisations are not aware of what policies are required to ensure they are compliant with data protection legislation or, if policies are in place, when they were last updated.
Our policy writing and review service offers peace of mind that your policies are not only up to date, but you have a full suite in place for your requirements.
Board Briefings/Senior Staff Training
If a data breach were to occur, it is often board members who are under scrutiny for their wider decisions which may have put data at risk. We can guide you and your staff on risk management and best practice, specific to your organisation.
Data breaches can happen if information is shared inappropriately, whether with the wrong person, at the wrong time, or simply the wrong information. Training and guidance can make this less likely to happen, protecting your organisation from the risk of a data breach and its consequences.
Marketing and Data Protection
There are lots of myths around what and how much marketing can be carried out under the UK GDPR and other data protection legislation. We can provide you with the latest ICO guidance and training to support your income generation, marketing and fundraising teams.
Freedom of Information Requests
The Freedom of Information Act 2000 gives the public ready access to most information held by public authorities. Find out how we can support your organisation in correctly identifying and responding to FOI requests and in better understanding the legislation surrounding them.
Our popular managed service offering is a 360 degree approach to your data protection – covering all of the above and more within a package that suits your budget and other resources.
We can act as your data protection officer, or other data protection related roles as required, or can simply act in the guidance position for any level of staff.
If your team requires training, our expert team runs open courses, bookable via our website. These are either aimed specifically at those new to the role and the legislation, or offer additional advanced or refresher training for those who require further sessions.
Data protection training is imperative for any role – if staff are appropriately trained, any organisation is well on the way to compliance with data protection legislation. Training needs will vary according to size and type of organisation and BLS can conduct a training needs analysis on your behalf if required.
Our open courses are available to any member of any organisation. Each course runs online several times throughout the year and may be the answer to your data protection gap.
Alternatively, we can hold a bespoke course to fit you and ensure that all members of staff who have connection to the data you use, store and manage are appropriately trained at a time and place convenient to you. This is often useful for groups of organisations who may find it more beneficial to train their teams together.
See the links below to find out more on our training offerings, or to book an open course online.
- Caldicott Guardian (CG)
- Advanced Caldicott Guardian (CG)
- Senior Information Risk Owner (SIRO)
- Advanced Senior Information Risk Owner (SIRO)
- Data Protection Officer (DPO)
- Subject Access Request and Redaction (SAR)
- Data Protection Impact Assessment (DPIA)
- Information Asset Owner (IAO)
- Safer Recruitment
- Board briefings and senior management training (bespoke only)
If we can offer any assistance with any of the above, or other services as required, do get in touch via the form below.