GDPR Audit

Our audits help minimise your risk

We offer a comprehensive review and audit against the compliance of UK General Data Protection Regulation (GDPR) and Data Protection Act 2018 legislation for DSP Audits.

We have carried out hundreds of systematic reviews and assessments of our clients compliance with Information Governance legislation.

This can include:

  1. Whether your record keeping align with best practice
  2. Whether your Data Protection assets have been correctly risk assessed and recorded and addressed
  3. Whether your data protection procedures and controls are efficient and sufficiently rigorous to be compliance with all relevant regulations and legislation.

At the end of which recommendations together with a suggested action plan are generated to provide a baseline assessment for each organisation. 

Auditing your data protection processes is important for a number of different reasons and for a number of different organisations.

Management: Those running an organisation need to have access to an accurate assessment of the company’s information governance approach in order to manage the effective day to day risks and threats to your data.

Patients, your clients, your staff etc.: Those who depend on your services will want reassurance that the organisation is handling their sensitive personal data responsibly and fairly so that their own personal details are protected to the highest standards possible.

Partners: Your partners and those you share information with or received data from will value reassurance that you are compliant and have a conscientious approach to your legal requirements.

Potential customers or parents (if an education establishment): Those considering making use of your services will want to see how you address data protection issues in order to decide whether or not to engage with you.

Regulators: Regulators such as the ICO can be reassured of your professional and diligent approach to your data protection expectations and standards if you are seen to have engaged externa auditors of your processes and compliance.

By engaging BLS Stay Compliant to carry out your data protection audits, you can be assured of our appropriate professional competence, suitable qualifications and expertise as a well-established and highly regarded company since 2014.

We will always discuss your requirements in detail ahead of any audits, which we carry out against the Information Commissioner’s (ICO) recommended areas, including:

  • Awareness of your staff and associates
  • Information you hold
  • Communicating privacy information
  • Individuals Rights
  • Subject Access Requests (SARs) and Freedom of Information requests (if applicable)
  • Your legal basis for processing personal data
  • Use of Consent
  • Data breach policy and procedures
  • Data Protection by Design and Data Protection Impact Assessments
  • Data Protection Officer (DPO) requirement and role
  • International Data transfers
  • Children’s data handling

The audit is a mixture of onsite meetings and remote policy review/creation.  Timescales are dependent on the size and type of organisation.

For further information contact us: