I’ve seen a few suppliers make classic errors dealing with breaches in their client’s data. Here are the top three errors suppliers make and 5 suggestions to avoid them!
Advising on an appropriate Data Protection Governance structure for the Uniphar Group of companies
Category: Governance / Accountability
Customer: Uniphar PLC
We worked on this strategic project with Uniphar (circa 20 companies in its group) to ensure that it’s governance structure was appropriate to the diverse scope of its processing operations. This was a challenging project that was implemented over a number of years. The organisation now has 5 Data Protection Officers (with supporting Data Protection Teams) and a central Data Protection Compliance Office function managing the strategy and oversight of activities. The Fort Privacy Compliance Framework was used to structure all activities of the organisation to ensure that a consistent approach is being taken to compliance by all DPOs.
Join Our Newsletter
Sign-up to receive news and information from Fort Privacy
Fort Privacy processes your personal data in order to respond to your query and provide you with information about our products and services. Please see our Data Protection Statement for further information
The General Data Protection Regulation is “risk” based legislation. This means that the protective measures an organisation implements should correspond to the level of risk associated with their data processing activities. It’s worth noting that the risk that should be considered here, is the risk to the data subject as opposed to risk to the business of non-compliance.
Data Protection Programmes are all the rage these days. It’s great to see the compliance conversation moving in this direction. As a Data Protection Officer (DPO), I know the difference between working with a solid data protection programme and working with none and all.