Since the introduction of GDPR in 2018, every organization that manages or uses data about individuals (“personal data”) needs to be have a clear idea of how that data is being used, and who it is being shared with.
Our Data Privacy Risk Assessment service will take a thorough look at the personal data you are collecting and using, and how you are using it, and make a series of concrete recommendations to reduce your organization’s legal liability and reputational risk.
Data necessity: Whether the data being collected is necessary for the service being provided
Consent: Whether sufficient user consent is being captured for the data uses being employed
Data protection: Whether personal data is being sufficiently protected at rest (e.g. by encryption, obfuscation, aggregation)
Options to reduce data risk: Opportunities to reduce the risk of holding personal data by aggregating and/or deleting older data
Third-party risk: Assessment of data sharing arrangements with third-parties (including assessment of third parties’ own usage/protection of the data that is being shared with them, where possible.
For more information about this service, please contact us.