Home Portfolio Organisations with £20 billion combined income prioritise data governance by investing in a large-scale Data Protection Impact Assessment (DPIA)

Organisations with £20 billion combined income prioritise data governance by investing in a large-scale Data Protection Impact Assessment (DPIA)

Client Needs

A group of four large organisations operating in the UK, with European and global networks, decided to significantly increase their combined personal data sharing. They responded to the macro developments of Brexit, the Covid-19 pandemic, changes to UK law and past use cases where lack of information caused inefficient service delivery and sub-optimal responses. The organisations’ expertise span infrastructure, construction, engineering, transport, security, law enforcement and science / technology research. They wanted to develop sophisticated data analytics capabilities, big data warehousing, improved data insights, better intelligence and more strategic joint action. A range of technology solutions were selected, short-listed and prototyped including cloud services, database merging, Application Programming Interfaces (APIs) and publicly available data. The project was bespoke and highly experimental, so over time, the parameters changed because of testing, effectiveness, risks and costs. The group wanted to prioritise data quality, General Data Protection Regulation (GDPR) compliance, data retention and to ensure data security played prominent roles in the life of the project.

 

PrivacySolved Services and Solutions

PrivacySolved provided a senior External Data Protection Officer (eDPO) to the project who helped to develop the agreements and the GDPR Data Protection Impact Assessment (DPIA). The eDPO identified gaps, suggested improvements and challenged GDPR compliance steps, risks, technology assumptions and intended outcomes. The DPIA and agreements became rolling, flexible and iterative documents which changed with project development, changes to high-risk data processing, new technology solutions, costs and efficiencies. The process lasted for 14 months, with many rounds of changes. Our Legal and Regulatory Support services added backup support to the eDPO. The organisations were involved at every stage and fully invested in the process; informing the DPIA as the DPIA GDPR’s analysis informed their processes. The DPIA led to the project team improving existing technical solutions and introducing new technologies to enhance data security, data minimisation, the protection of special categories of personal data and user interfaces.

Results

The group received senior expertise, insights and project support for over 1 year to:

  • Understand their datasets, negotiate data sharing solutions and manage data risks
  • Comply with UK/EU law by using an effective senior Data Protection Officer (eDPO)
  • Improve transparency and accountability via a live flexible high-quality updated DPIA
  • Meet the multi-million cost-saving targets, joint working and effective collaboration

Client Success Stories: What Our Partners Say

Our clients’ testimonials are the performance indicators PrivacySolved values most. These keep us focused on excellent delivery, while never losing sight of the evolutionary nature of our clients’ needs, our expertise and the need for continuous improvement.

Partnerships &
Memberships 2024

Take the next step

PrivacySolved can empower your real-time response to Data Breaches or Cyber Attacks globally, around the clock and across time zones. At any time, you also can activate our global data privacy expertise, DPOs, vCISOs, cybersecurity strategy and responsible AI services.

Click below to start the most important conversation you’ll have this year.

© Copyright 2024 PrivacySolved. All rights reserved. Website by Jerboa.