Data Protection: Remediation Plan for UK-based Income Protection Provider
A UK-based income protection provider.
In preparing for the introduction of the General Data Protection Regulation in Europe (GDPR) worked with the client to address weaknesses identified in an earlier gap analysis.
How we helped
We produced a prioritised remediation plan to reduce exposures and worked with the client to update policies and procedures, review third party contracts, produce and maintain data maps, maintain records of processing, and deliver data protection training sessions to increase staff knowledge and awareness of GDPR.
Our knowledge of Data Protection and the GDPR regulation meant that we could determine weaknesses in client processes, provide guidance of necessary remediation focussed to client operations, and provide example documents that meet the Regulation.
We were also able to provide targeted staff training, answer specific queries and concerns from staff and increase awareness to prepare for GDPR.