Keeping on top of GDPR can be a challenge and it is surprising how quickly your documentation can become out of date.
We have developed a GDPR self-audit checklist to help clients assess where they are and what needs to be done to comply with GDPR.
It comprises an online self-assessment, followed by a guidance call with us to highlight the key risks identified and how you might be able to address them.
It is advisable to review your organisation’s GDPR policies, processes and documentation at least once a year, to help check everything is up to date and to ensure your GDPR preparations are working and being followed in practice.
Alongside this, we offer online refresher workshops for the individuals leading your ongoing GDPR project, to help them keep abreast of regulatory developments and best practice.
The ComplyGDPR Toolkit is a modular solution to help equip executive search and recruitment businesses to be able to comply with GDPR.
At its heart is the data protection handbook, accompanied by a supporting action plan, video briefings and document templates.
It explains in a practical way how GDPR specifically applies to your executive search, interim management or recruitment activities. Importantly, it guides you through exactly what to do.
The Toolkit includes recommended processes, policies, forms, clauses, checklists, documents and templates for assignment work and your internal HR processes.
It is geared for UK businesses, but businesses outside the UK and EU have successfully used our Toolkit to help equip them to work with UK and EU clients and candidates.
Documents and advice are kept up to date with the latest GDPR updates and guidance. The manual is co-written by us and our legal advisors.
Our ongoing client support includes a client helpline for quick advice on GDPR issues or how to apply the advice in the Toolkit or other ad-hoc GDPR queries that crop up.
In the event of a data breach, we provide support on how to handle the situation and provide practical advice.
Webinars are held on key topics and trends that we are seeing with our clients and the regulators. We also have a library of resources and documentation materials, including past webinars on specific topics.
We continuously update our materials to reflect changes or clarifications to GDPR regulations and to help our clients understand best practice.
Our clients can also receive a regular newsletter with updates on GDPR, news about DPA18/PECR and other relevant data protections matters for the recruitment sector, access to our client portal and invitations to events.
A survey in the executive search and recruitment sector revealed that over 90% of data breaches are caused by staff error.
Ensuring that staff are trained appropriately and that training records are kept demonstrates commitment to GDPR. This reduces risk of a breach and will be required for a breach investigation.
We have a number of training options to ensure that all of your staff understand and are kept up to date with GDPR. These include:
- Online staff training modules for induction or refresher training.
- Refresher workshops for GDPR leaders.
- Introductory crash-courses for those new to GDPR decision making.
We recommend adopting a variety of ways to keep data privacy front of mind and keep your whole team engaged.
Our online staff GDPR training course can also be used on an internal LMS, with branding and customisation options.
A custom EU representative service, delivered by Reed Smith's datarologie team, has been tailored for ComplyGDPR clients.
If you regularly handle EU candidate data and your business doesn’t have an office in the EU, GDPR may require you to have an EU representative.
Please ask us for our ComplyGDPR/Reed Smith joint brochure, which includes a flow chart to help assess whether you need a representative. It also includes options for our micro/small business clients.
UK representative services are also available for businesses located outside the UK that regularly process personal data of UK individuals.
IT Risk Audit
The UK government’s recent cyber risk survey found that whilst 69 per cent of businesses say their senior management consider cyber security is a very or fairly high priority for their organisation, only half of businesses have actually taken action to identify cyber risks.
Whether you are running your own IT or are outsourcing your IT services, ensure that you understand the risk areas in your business by commissioning an independent GDPR IT Risk Audit with one of ComplyGDPR’s IT audit partners.