The General Data Protection Regulations came into UK law in May 2018. Following this, all organisations are expected to be, at the very least, working towards compliance with these regulations.
The accountability principles require organisations to demonstrate they comply with the regulations, which involve a number of things. Examples of these are as follows:
- Appointing a Data Protection Officer
- Having appropriate technical and organisational measures in place
- Maintaining records on processing activities
- Data Protection Impact Assessments
The GDPR Services package (for the first year) involves the Data Protection Team from Romero carrying out an audit to assess the establishment’s current position with regards to data protection.
Following this, a project plan is produced to identify the steps that need to be taken, to ensure the school or organisation is fully compliant with GDPR.
The Data Protection team will then support the school through the completion of the plan, undertaking tasks such as:
- Providing template policies
- Training staff
- Assisting with record keeping activities
- Checking contracts with external providers
The cost for this first-year service is £2000 + VAT. If you chose to continue your contract into a second year, details of this would differ slightly, but any changes are discussed with the client prior to renewal of the contract.
We are able to build a bespoke package tailored to your organisation. If you would like to gain a no-obligation quote from the GDPR Team, please contact us using either of the following methods below and we would be more than happy to discuss your needs with you:
To see what’s included in our Data Protection Officer service, please click here.
