How can Rocket Lawyer help?
The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 together form the bedrock of UK data protection legislation. They impose a set of requirements on businesses that process (ie obtain, record, store, organise or otherwise use) personal data (ie information about somebody from which they could be identified).
These requirements ensure that businesses process personal data in a fair, safe and transparent manner which does not infringe on individuals’ data protection rights.
Complying with data protection law involves multiple steps including implementing various policies and procedures for processing personal data. You should set out these policies and procedures in comprehensive documents such as:
a data protection and data security policy
an employee privacy notice
Some data processing activities require you to create other documents too, such as:
a data processing agreement (DPA), if you outsource data processing to another business (or if you process data for another business)
a data protection impact assessment (DPIA), if you process data in a way which is likely to result in a high risk to the rights and freedoms of individuals
For more information on documents and practices you should consider to ensure compliance, read the GDPR compliance checklist.
A data protection health check is a systematic evaluation of your business’ current data protection practices carried out by a compliance specialist. When you undergo a check, the compliance specialist:
identifies what your business needs to do to comply with data protection law
evaluates the documents you currently have in place to see if they meet your data protection needs, and
makes recommendations for your next steps towards compliance
The health check includes analysis of your practices and documents for international transfers of personal data.
The cost of these services can vary depending on the complexity, scope and adequacy of your business’ data processing practices.
You can contact us to discuss prices for a comprehensive service for your business which combines a data protection health check and the creation of data protection documents.