GDPR Consultancy Services

Delivered by experts with decades of experience in the legal sector, our GDPR consultancy services are tailored to law firms and other legal organisations.

We shall not provide you with superfluous material nor introduce any unnecessary steps on the path to becoming GDPR compliant.

We offer two services: Premium and Standard.

 

Our Premium Service:

We recommend this service to our non-retainer clients as it will fully prepare you for GDPR readiness. This service includes:

• Initial full day on-site information audit and review to assess your current data protection compliance and readiness for GDPR;
• Review of third party data processor contracts;
• Preparation of a detailed report, with recommendations, outlining the steps necessary to achieve GDPR compliance (gap analysis);
• Creation of the Article 30 record of processing activity;
• Creation of a detailed data risk assessment;
• Provision of a fully GDPR, Lexcel (or SQM) and SRA compliant Information Security and Data Protection Manual and associated document templates (including data protection notices and consents) tailored to your firm’s requirements;
• Second on-site full day reviewing readiness and providing staff training on GDPR, compliance and new procedures;
• Guidance on and assistance with obtaining the Cyber Essentials accreditation;
• 6 months' follow-up advice and assistance (and amendment of documents to reflect any post-implementation changes to approach / guidance by WP29, the ICO or Law Society / LAA).

The cost for most firms is £4,000 plus VAT

 

Our Standard Service:

This service is recommended for our retainer clients or those who are happy to work with us on implementing their revised processes. It includes:

• Initial full day on-site information audit and review to assess your current data protection compliance and readiness for GDPR;
• Review of third party data processor contracts;
• Preparation of a detailed report, with recommendations, outlining the steps necessary to achieve GDPR compliance (gap analysis);
• Provision of GDPR compliant template policies and procedures;
• 3 months' follow-up advice and assistance (and amendment of documents to reflect any post-implementation changes to approach / guidance by WP29, the ICO or Law Society / LAA).

The cost for most firms is £2,000 plus VAT

 

Data Protection Officer Services:

Many law firms will be required to appoint a Data Protection Officer and others may appreciate the reassurance of voluntarily appointing one. If you wish to appoint us as your external DPO then we can offer this ongoing service for £200 plus VAT pcm (minimum term 12 months).

This service includes:

• Quarterly (or more frequent if necessary) data protection & security update briefings;
• A data protection helpline for you to discuss any actual or potential data security breaches and how to handle them;
• Assistance with deciding whether a breach should be reported to the ICO and assistance with reporting that breach;
• Assistance with the preparation of any necessary Data Protection Impact Assessments;
• Annual staff update training;
• Annual review of policies, procedures, the Article 30 record of data processing and the risk assessment.

 

GDPR Toolkit:

We are pleased to be able to provide a comprehensive toolkit specifically designed for law firms. This is included as part of our consultancy services but may be purchased by firms that do not require external assistance. The toolkit comprises:

  1. Data Security & Information Governance Manual
  2. Information Audit template
  3. Privacy notices for use in client care letters
  4. Website data and privacy notice

The Manual includes the following policies & procedures:

• Data Protection
• Information Management & Security
• Transfer of Data to Third Parties
• Cybercrime and Fraud Prevention
• E-mail
• Acceptable Use of IT Facilities
• Use of Personally-Owned Devices
• Credit Cards
• Archiving, Retention & Destruction
• End of Employment

 

For Our Retainer Clients:

Our retainer clients will already receive a fully GDPR, Lexcel (or SQM) and SRA compliant Information Security and Data Protection Manual and associated document templates (including data protection notices and consents) tailored to your firm’s requirements along with an Information Audit template on the Compliance Caddy.

Additional assistance with any of the above can be purchased at £950 plus VAT for the first day and £800 plus VAT for any second or subsequent days. In addition, the DPO service is available for £180 pcm (minimum term 12 months).

Get in touch

If you would like further information on any of the services mentioned on this site or would like to arrange a discussion with one of our consultants, please send an email or contact us at: