
Under the UK GDPR, the majority of organisations processing personal data are required to create and maintain a ROPAs

Let’s face it, there is nothing straightforward or simple about responding to a data subject access request (DSAR).

We discuss the importance of ensuring that your whole organisation can identify a DSAR and the benefits of controlling the entry points of DSARs.

For all of us, email can be both a blessing and a curse. On one hand you have the speed and convenience of communication....

When looking to comply with the General Data Protection Regulation (GDPR), it is always a worthwhile exercise....

We provide some questions which should help you in determining your level of compliance with the GDPR

The GDPR (EU) 2016/679 is an EU regulation which came into effect on 25 May 2018 and set a new benchmark for the processing of personal data.

We look at the requirement within both the DPA and the GDPR to verify the identity of an individual making a request before acting or releasing information

Is there a catch-all international standard that effectively proves external verification of data protection compliance?

We have seen an increased focus on the General Data Protection Regulation (GDPR) by certification body (CB) assessors when conducting ISO 27001 audits.
If you are looking for reassurance when applying for certification use our Cyber Essentials Application Review Service.
If uncertain, URM is able to conduct a high-level GDPR gap analysis which will assist you understand your current levels of compliance and identify gaps and vulnerabilities.
URM can offer a host of consultancy services to improve your DP policies, privacy notices, DPIAs ROPAs, privacy notices, data retention schedules and training programmes etc.