Our Deep Dive Data Protection consultancy services are designed to deal with specific projects and/or to do a deep investigation of a Data Protection issue allowing you to develop a greater understanding of the issues and risks in a specific issue and to develop appropriate mitigation using our expert resources.
Why do I need a Deep Dive?
Often information risk exists in areas where the organisation has insufficient knowledge or control over the information processes and either a) maybe you don’t have sufficient resources to dedicate to a detailed cross-organisational or lengthy project; b) you don’t have the expert knowledge required in the deep dive area; or c) you prefer an independent third party review.
We call this a “deep dive” as the analysis is usually narrow in focus and deep in penetration.
Typical Deep Dive Scenarios
A good example of a deep dive is when we are instructed to examine, map, and ensure compliance of a consent/opt-in process for electronic marketing.
This will usually involve looking at several websites, spreadsheets, databases, and paper forms and engaging with email broadcasting, web hosting, mailing house, telesales and other companies who you share your data with in order to deliver your communications program, reviewing contractual arrangements or putting new agreements in place with those third parties, documenting processes, data flows, a privacy impact assessment etc. and even carrying out site inspections if required.
Other examples of our Deep Dive projects include:
- Analysis of Risk Register
- Procedural Framework Investigation
- Supply Chain Investigation & Review of Process and Procedures
- Staff Training & Awareness Sessions
- Using DataWise, either via a managed service or standalone subscription, the key information, findings and remedial actions from a Deep Dive investigation(s) can be integrated into the system for ongoing management and reporting purposes
Following the Deep Dive, you will receive a professional report with our findings and recommendations. The report will include detailed analysis of the data flow, highlighting areas of concern along with remedial recommendations where necessary.