A clients journey with us can start with as little as a single day. In reality, it is a semi-structured discovery activity. We come into your organisation and examine your high level-business functions and delivery processes. We look at how you manage personal data through your sales, marketing, finance, HR and customer support activities. What personal data is processed through your core service or product delivery? How well do you handle compliance and what gaps exist in your processes?
Privacy by design is a proactive, risk-based approach to data protection. It is all about embedding best practices through your service or product design processes. It is easier and more cost effective to build in data protection from the start than it is to bolt it on afterwards. The net result is you save money, build customer trust and stand out from the competition.
We work with clients to embed a little-and-often approach through the design and delivery process. We want you to solve the data protection problems one by one. We want you to spend hours, not weeks on Data Protection Impact Assessments (DPIAs) and not to be afraid to do them whenever the need arises. You demonstrate compliance and reap the benefits consistently and continually. Fort Privacy is leading the way in our approach to Privacy By Design. We have worked with well-known organisations in the public and private sector in Ireland and internationally to guide their Privacy by Design approach to service and product development.
We think outsourcing is the wrong word to describe what we do. It is more akin to in-sourcing. We become a trusted and critical part of your team, keeping you focused on getting and staying compliant while ensuring your organisation can reap the benefits from your compliance efforts. The service is built around the demands of the GDPR and we focus on the deliverables that are required to drive successful compliance. Our Outsourced DPO service is a combination of on-site engagement and back-office support.
A Data Catalogue delivers information about what data you collect and how you process it. The Data Catalogue informs everything you need to do to achieve and maintain data protection compliance. It is the solid foundation on which your compliance activities are built.
Fort Privacy builds your Data Catalogue around your business processes. We examine each of your key business processes in detail and we document the data that flows through these processes. This ensures your catalogue is maintainable - if you change a business process you know exactly what data is impacted and you can easily capture changes to the data flows. The data catalogue itself is also a record of compliance for your organisation - it delivers evaluations of the need to appoint a data protection officer, carry out data protection impact assessments, your legitimate bases for processing data and your record of processing.
Fort Privacy's approach to the data catalogue exercise follows how your business is structured. This ensures that as your business changes (as all businesses do!) the change can be easily captured, making it easier to keep your compliance records up to date.
Independent verification that you are on the right track is an essential component of any compliance program and data protection is no different.
Fort Privacy offers three audit services. First, there is the gap assessment which is the precursor to any audit and discovery exercise that identifies the gaps and recommends an approach to addressing them. Second, there is the audit preparation where we will help you prepare for your upcoming audit. Third, there is our independent audit service - where we will independently verify your compliance program is on track.
Fort Privacy has trained auditors who understand risk and compliance.
Article 39 of the GDPR states that one of the tasks of the Data Protection Officer is “awareness-raising and training of staff”. We have developed a number of different training courses and knowledge transfer sessions to help with this requirement.
Our new online training offering will enable your staff to take a GDPR course and assessment, resulting in a certification that contributes to you demonstrating compliance.
Training is designed to ensure that all staff using personal data in your organisation have a general understanding of the risks and issues arising.
Our training will:
We understand that you may have particular data protection needs that aren't available in a pre-packaged service. We're here to listen and to work with you to develop a solution that meets the needs of your business. With our multi-disciplined team having the complimentary skillsets required to meet modern privacy and data protection needs of organisations, we are well-placed to become an extension of your team and a trusted partner in helping your business move forward and build trust with your customers.