Our Services

Adding Value

Adding value to your cyber security strategy.

Cyber security is a term that has become synonymous with the digital age we now operate in.

Businesses are investing heavily in Information Security Training and raising awareness around potential infiltration methods being used by criminals.

However, good data governance starts with the implementation of the Data Protection Principles, including Integrity and Confidentiality and Storage Limitation

Many UK businesses are potentially spending budgets on controls which ultimately protect the information they may be able to delete in line with their data retention schedules.

Failure to apply good Data Protection practices could result in risk exposure to larger data Breaches, reputational damage and large fines by the ICO

Services

We pride ourselves on making data protection simple… So what can we do for you?

This is essentially a discovery exercise that helps determine the current compliance position of an organisation, documenting any gaps against regulatory expectations and inherent risks that may be apparent. This can be conducted on or off-site and is our most popular product. Part of the challenge is understanding your risk exposure, whereby you can then start to plan a compliance roadmap.

Data Retention. This is without doubt one of the biggest challenges faced by businesses worldwide. With technical debt on the increase, organisations are finding they do not have the technical capability to delete or anonymise personal data from their systems. Let’s not forget physical paper storage too!

We can help you better understand your data holdings and work with you to build a data cleanse strategy, even if this means liaising with the ICO on your behalf.

Regardless of your current position, we can help you reduce your risk and enable you to better defend your position with a detailed pan on how you propose to become compliant with your data retention schedules and other regulatory timescales that might determine how long you retain information for

Data Protection by Design and Default is not new to the Data Protection Act. However, given the challenges faced by business in terms of outdated and limited functionality of their systems, it is clear there has been little aforethought with regards to data protection requirements. Let us help you better understand your system gaps by building a systems inventory. We’ll also cover off how to embed Privacy by Design into your organisation by advising on how this fits into your change management lifecycle through completion of Data Protection Impact Assessments

There are now 8 rights a data subject can requires under the GDPR. Whilst this isn’t a new concept, there are new additions including the Right to Erasure and the Right to Portability. ‘’How do we ensure our staff recognise a request’’, how long do we have to comply’’, ‘’what’s in scope’’ and ‘’are there any exemptions’ are just a few questions we can help you find the answer too. GDPR is also about empowering the data subject so this is one of the most important aspects of the Regulation to get right

Accountability is a new Principle of the GDPR. It’s about being able to effectively demonstrate that you understand your data by recording your processing activities. So whether its determining the lawful basis upon which you are relying on to process personal data or defining the purpose, we can help you bring together a comprehensive ROPA and help implement good governance practices to help keep it accurate and up to date

In some instances, organisations now have an obligation to report a data breach within 72 hours of becoming aware of it. A timely response can help manage risk to data subjects and your organisation. So, if you want to know how to recognise, report and respond to a data incident, we can help. We an also advise on how to identify the root cause of a data breach and help implement controls or changes to processes to  mitigate the risk of a repeat incident.

Embedding a privacy first culture into your organisation is key to demonstrating a good understanding of Data Protection by Design and Default. So whether this is carrying out a Data Protection Impact Assessment on a change to the way you process data or you are thinking of setting up ‘Data Steward’ network within your business, we can help

Arguably the most effective activity a business can undertake is ensuring it’s staff are aware and suitably trained on what aspects of the GDPR effect their day to day job roles. Here at Trust Hogen, we can provide bespoke eLearning packages on subjects such as GDPR Basics, cyber security and how to identify Phishing and Smishing attacks If it’s a face to face input you’d like, we can do that too!

Often the first thing a data subject needs to be aware of is the intention an organisation has for their personal data. Sometimes known as a Fair Processing or Privacy Notice, it is a document that informs a data subject of what data is being collected, how it is being processed and why, who it is being shared with, the lawful basis being relied upon for the processing and how long an organisation might retain that data for. In addition, this document should explain the rights a data subject has in terms of their personal information and how they might be able to make a complaint. It is important that this notice reflects how data is actually being processed and not your intentions for the future. We can help augment a robust privacy policy and also advise on where, when and how you should make this information available.

Quite often, organisations can become so focussed on ensuring compliance of customer data, that they forget their most important asset……our staff !

So whilst you must ensure your customer base is suitably safeguarded and empowered, you msu also replicate good data protection practices for employees too. This will include recording HR business processes, managing data breaches and informing your people about what information you hold about them and why.

At Trust Hogen, we have become HR Data experts and have worked in organisations that employ over 85,000 colleagues globally, down to a small medium enterprise with 3 employees. To that end, you’re in safe hands

With obligations to meet under GDPR and PECR, marketing has become somewhat of a minefield in recent years. Here at Trust Hogen, we have established partnerships with some of the top marketing associations in the UK and are able to access reliable legal advice and current best practices through our extensive networking of marketing experts.

Whether its registering with the ICO, dealing with enforcement notices or liaising with the UK’s regulator following a Data Breach, we can help. With extensive experience of managing an effective relationship with the ICO, we’ll help you overcome your challenge and find a resolution to your data protection issues.

Prior to complaining to the Regulator, data subjects are urged to try and find a resolution with an organisation directly. This is an early opportunity to find out exactly where it went wrong and try to provide a data subject with an explanation. So whether it’s a one off or complaint or a series of issues relating to the same event, we can help.

"At a time when our working lives are increasingly lived online, information security is more important than ever. Growing numbers of organisations are at risk from cyber threats that could disrupt, damage or even destroy the data and physical assets that make up their business. Gary has the knowledge, understanding, and skills to help organisations to reduce these risks. Having both come from a law enforcement background we are aligned in the need to talk straight and take action. Gary's ability to have a meaningful impact is a true strength and one that can benefit any business. But lastly and most importantly, his influence comes from a good place.....trying to help for the greater good. Gary's attitude and personality are infectious and I could not recommend him more highly."
Neil Frost
(COO Bob's Business)

For a free consultation please contact us today on 0151 459 9828 or email info@trusthogen.com