Let's talk privacy! First name* Last name* Email* Company name CAPTCHAEmailThis field is for validation purposes and should be left unchanged. Business leaders are aware that failing to deal with privacy is a risk. They worry about potential fines, but it’s the risk of reputational damage to both their company and themselves that keeps them awake at night. Poor privacy compliance can derail deals, destroy brands and damage morale — and a lack of investment in privacy is often a false economy. So why is privacy still on so many leaders’ to-do lists? First of all, many organisations don’t know where to start. They’re lost in a fog of too much information and are confused about how to choose the most simple and effective solution. They worry about who will do the work and how much it will cost. Others don’t know what “compliant” means, let alone how they can prove compliance if a regulator ever comes knocking on the door. So how do the various solutions for getting privacy sorted stack up? We made a list… Hire a privacy consultant This seems like an easy choice. If you don’t know what to do, hire a contractor who does. You could also ask that contractor to be your Data Protection Officer (DPO) and outsource that ongoing responsibility as well. Pros Offers the possibility of a bespoke solutionA consultant should know what a good privacy compliance programme looks likeThey could possibly act as your DPO if you need one Cons Consultants are expensive and their quality is variableA consultant will never know your business and the personal information it processes as well as your own people doThey may find it difficult to motivate your staff to assist in embedding privacy within your organisationA consultant may require you to buy additional software tools to support their workWhen they are gone, their expertise is also gone and your programme risks quickly becoming out of date Hiring a consultant is probably more suitable for a project rather than a sustainable, ongoing programme. It enables the outsourcing of the privacy problem but the consultant is unlikely to truly understand your organisation’s personal data processing. This solution won’t last forever and could end up being expensive. Answer our GDPR compliance checklist questions and we will email you an objective, personalised report within minutes. It gives you a score out of 10 for your data privacy compliance with a further option for our free, more detailed data audit for GDPR, containing our practical suggestions. Do our quick GDPR compliance audit Speak to a lawyer If you want to comply with the law, you get a lawyer, right? You may already have a lawyer that you trust. If not, there are some great privacy and data protection lawyers out there – and if you would like a recommendation, I’m happy to provide one. Pros They will know the law (a good start!)If you already have a lawyer that you trust, it may be a safe bet Cons This option can be frighteningly expensiveThey’re unlikely to know enough about your business and its dataTheir ideas could be more ‘legal’ than ‘practical’ In my opinion, lawyers are better placed for when something goes horribly wrong, or when you need complicated, bespoke advice on a particular transaction or project. They’re less suited to coming up with a cost effective and comprehensive privacy compliance programme. Solve it with software Prior to the introduction of the GDPR in 2018, there was an influx of software providers claiming to be able to solve your privacy needs at the click of a button. Some software can definitely help. But often it’s not as straightforward or as complete a solution as it claims to be. Pros Software can use automation to speed up some tasksIt can enable organisations to demonstrate performance of some privacy measuresIt can be helpful for large organisations Cons Software doesn’t tell you how to build a privacy compliance programmeIt requires someone who knows privacy law and how to use the software Software often appears complicated and lacking in structureSoftware only automates some of the tasks associated with privacy compliance, such as subject access requests and auto deletionThere are often additional integration expenses and other hidden costs There is no software solution that can do the whole job for you. Technology can be useful, but organisations will still require a knowledgeable individual to assess the landscape, and deploy software appropriately. It can be expensive to implement, especially when additional consultancy and integration fees are taken into account. Do it yourself If you have the time and the enthusiasm, you can tackle privacy compliance yourself. There are lots of free resources on the internet including the ICO’s own website. It can be time consuming and daunting though. Pros There are no consultancy or software costsThere’s plenty of free information available online Cons It’s difficult to know where to start, or what to prioritiseIt’s easy to feel overwhelmed – there just seems to be so much to do!It requires a huge time commitment to read, learn and implement everything without really knowing whether you are doing it right In short, this approach is ok if you don’t have the money right now for a quicker and more effective solution. Employ somebody Many organisations opt to employ somebody well versed in privacy matters if they don’t already have someone with the knowledge within the organisation (or the enthusiasm to retrain). Pros They should be an expert and will get to know your company and how it processes dataThey will always be available to answer questionsPotentially, they can act as your DPO Cons The right person can be difficult and very expensive to recruit and retainIf they don’t succeed in building a sustainable, demonstrable programme which spreads knowledge among other stakeholders, that knowledge is lost when they leave They may still need the support of software to make their job easier Get the right person and this is a good solution, but that’s not always a given. Not only do they need the privacy expertise, but they need to be able to motivate your leadership team and staff to embed a culture of privacy within your organisation. The Privacy Compliance Hub The Privacy Compliance Hub offers a simple, structured, comprehensive, privacy compliance programme to best manage your risk. Built by tech lawyers with a proven track record of protecting the reputations of leading organisations, the Hub builds a culture of compliance within your organisation, making it easy for everyone to understand privacy and commit to protecting it. Pros The Hub successfully reduces the risk of fines and tarnished reputationIt enables you to understand the requirements and confidently implement themIt includes relatable training content so everyone’s on the same pageIt provides the required data protection assurance to your clients and partnersYou’ll have access to powerful reporting tools, so you can always demonstrate your complianceIt’s cost-effective Cons It isn’t a silver bulletYou still need a nominated project manager (can be internal or external) to drive the programme contained within the platform We built the Hub to be the simplest and most cost-effective privacy compliance solution for organisations of every size. It tells you what to do and how to do it, it gives you everything you need, and it enables you to demonstrate your compliance, all in one place. Want to find out more? Get in touch. Topics:ConsultantGDPRoptionsPrivacySoftware
Answer our GDPR compliance checklist questions and we will email you an objective, personalised report within minutes. It gives you a score out of 10 for your data privacy compliance with a further option for our free, more detailed data audit for GDPR, containing our practical suggestions. Do our quick GDPR compliance audit
Speak to a lawyer If you want to comply with the law, you get a lawyer, right? You may already have a lawyer that you trust. If not, there are some great privacy and data protection lawyers out there – and if you would like a recommendation, I’m happy to provide one. Pros They will know the law (a good start!)If you already have a lawyer that you trust, it may be a safe bet Cons This option can be frighteningly expensiveThey’re unlikely to know enough about your business and its dataTheir ideas could be more ‘legal’ than ‘practical’ In my opinion, lawyers are better placed for when something goes horribly wrong, or when you need complicated, bespoke advice on a particular transaction or project. They’re less suited to coming up with a cost effective and comprehensive privacy compliance programme. Solve it with software Prior to the introduction of the GDPR in 2018, there was an influx of software providers claiming to be able to solve your privacy needs at the click of a button. Some software can definitely help. But often it’s not as straightforward or as complete a solution as it claims to be. Pros Software can use automation to speed up some tasksIt can enable organisations to demonstrate performance of some privacy measuresIt can be helpful for large organisations Cons Software doesn’t tell you how to build a privacy compliance programmeIt requires someone who knows privacy law and how to use the software Software often appears complicated and lacking in structureSoftware only automates some of the tasks associated with privacy compliance, such as subject access requests and auto deletionThere are often additional integration expenses and other hidden costs There is no software solution that can do the whole job for you. Technology can be useful, but organisations will still require a knowledgeable individual to assess the landscape, and deploy software appropriately. It can be expensive to implement, especially when additional consultancy and integration fees are taken into account. Do it yourself If you have the time and the enthusiasm, you can tackle privacy compliance yourself. There are lots of free resources on the internet including the ICO’s own website. It can be time consuming and daunting though. Pros There are no consultancy or software costsThere’s plenty of free information available online Cons It’s difficult to know where to start, or what to prioritiseIt’s easy to feel overwhelmed – there just seems to be so much to do!It requires a huge time commitment to read, learn and implement everything without really knowing whether you are doing it right In short, this approach is ok if you don’t have the money right now for a quicker and more effective solution. Employ somebody Many organisations opt to employ somebody well versed in privacy matters if they don’t already have someone with the knowledge within the organisation (or the enthusiasm to retrain). Pros They should be an expert and will get to know your company and how it processes dataThey will always be available to answer questionsPotentially, they can act as your DPO Cons The right person can be difficult and very expensive to recruit and retainIf they don’t succeed in building a sustainable, demonstrable programme which spreads knowledge among other stakeholders, that knowledge is lost when they leave They may still need the support of software to make their job easier Get the right person and this is a good solution, but that’s not always a given. Not only do they need the privacy expertise, but they need to be able to motivate your leadership team and staff to embed a culture of privacy within your organisation. The Privacy Compliance Hub The Privacy Compliance Hub offers a simple, structured, comprehensive, privacy compliance programme to best manage your risk. Built by tech lawyers with a proven track record of protecting the reputations of leading organisations, the Hub builds a culture of compliance within your organisation, making it easy for everyone to understand privacy and commit to protecting it. Pros The Hub successfully reduces the risk of fines and tarnished reputationIt enables you to understand the requirements and confidently implement themIt includes relatable training content so everyone’s on the same pageIt provides the required data protection assurance to your clients and partnersYou’ll have access to powerful reporting tools, so you can always demonstrate your complianceIt’s cost-effective Cons It isn’t a silver bulletYou still need a nominated project manager (can be internal or external) to drive the programme contained within the platform We built the Hub to be the simplest and most cost-effective privacy compliance solution for organisations of every size. It tells you what to do and how to do it, it gives you everything you need, and it enables you to demonstrate your compliance, all in one place. Want to find out more? Get in touch. Topics:ConsultantGDPRoptionsPrivacySoftware