Tel: +44 (0) 114 400 0021

DATA PROTECTION OFFICER (DPO)

as a service

Why do we need a DPO?

You legally require a DPO if…
  • You are a public authority.
  • Your organisation’s core activities require regular and systematic monitoring of individuals on a large scale.
  • Your organisation’s core activities involve processing ‘special categories’ of personal data, or ‘criminal convictions or offences data’, on a large scale.

How can we help with your DPO?

Even if you have no legal requirement to appoint a DPO, it is still advisable to appoint someone who is responsible for the information your organisation processes.
At Samurai, we can make the task of managing your organisation’s information easy. We will work alongside your existing teams to help raise awareness and improve understanding of the information handled. Ultimately this will strengthen the security of that information.
Better information security protects and improves your reputation. Better controls help reduce the risk of fines and penalties. Our DPO advice can help you achieve better information security in a way that makes financial sense to your organisation and increases stakeholder confidence.


How to get started…

A review of your policies, a data audit, and IASME certification must be completed. You can call us to book these reviews and we can guide you through the certification process.
Samurai Security can then offer three types of packages depending on your business requirements and overall budget.

If you’re unsure of your requirements or have questions, please contact us.

Data Protection Officer as a Service

Minimum Contract: 12 Months

We will be your retained advisor rather than your nominated Data Protection Officer.

We will:
  • Advise on changes in policy
  • Advise on changes in DPA/GDPR legislation
  • Review approach to consent
  • Review privacy statements
  • Advise on engagements with new 3rd parties
  • Review PIAs
  • Help you respond to questions relating to GDPR/DPA(2018) from 3rd parties
  • Undertake a yearly audit to ensure continued compliance with GDPR/DPA(2018) and IASME
  • Run one GDPR/DPA(2018) training session a year

Data Protection Officer as a Service

Minimum Contract: 12 Months

We will be your retained advisor rather than your nominated Data Protection Officer.

We will:
  • Be your contact with the ICO
  • Inform, advise and issue recommendations regarding GDPR compliance
  • Advise on changes in policy
  • Advise on changes in GDPR/DPA(2018) legislation
  • Advise on approach to consent
  • Help you respond to questions relating to GDPR/DPA(2018)
  • Provide PIA (Privacy impact assessment) templates
  • Confirm if a PIA is required
  • Advise on the safeguards required to secure the rights and interests of data subjects
  • Review PIAs
  • Review new 3rd party providers
  • Deal with 3rd party provider requests
  • Annually review all 3rd party data processors
  • Annually review the data audit sheet
  • Be the contact for any data breaches/incidents
  • Run one GDPR training session a year
  • Provide access to GDPR Awareness training Moodle site for all staff
  • Undertake a yearly audit to ensure continued compliance with GDPR/Data Protection Bill and IASME

Cyber Security Consultant and Data Protection Officer as a Service

Minimum Contract: 12 Months

We will:
  • Be your primary contact with the ICO
  • Offer you a dedicated personal Data Protection Officer
  • Inform, advise and issue recommendations regarding GDPR compliance
  • Perform an annual full and thorough system penetration test against your web applications, external and internal infrastructure and offer advisories.
  • Provide phishing campaigns to help with user awareness – 3 campaigns per year.
  • Advise on changes in policy
  • Advise on changes in GDPR/DPA (2018) legislation
  • Advise on your approach to consent
  • Help you respond to questions relating to GDPR/DPA(2018)
  • Provide PIA (Privacy impact assessment) templates and assistance
  • Confirm if a PIA is required
  • Advise on the safeguards required to secure the rights and interests of data subjects
  • Review and advise on Privacy Impact Assessments (PIAs)
  • Review and advise on Legitimate Interest Assessments (LIAs)
  • Provide LIA templates
  • Review new 3rd party providers
  • Deal with 3rd party provider requests
  • Annually review all 3rd party data processors
  • Annually review the data audit sheet
  • Be the contact for any data breaches/incidents, performing incident analysis
  • Perform an annual 1-day GDPR training session.
  • Provide access to GDPR Awareness training site for all staff
  • Undertake a yearly audit to ensure continued compliance with GDPR/DPA(2018) and IASME