Data protection and privacy
Privacy is a fundamental human right.
Over 130 countries have constitutional statements regarding the protection of privacy. However, the right to privacy is not “absolute” which means it can be interfered with in certain limited situations as long as it is necessary and proportionate.
There are innumerable systems and solutions in the market purporting to be Data Protection law compliant (such as with the GDPR) however, all this means is that the system or solution themselves have the capability of being compliant to what data protection laws potentially require.
Ultimately it will all boil down to : what data you would like to collect, who does it relate to, why you want it, when will you collect it, where will you store it and for how long you collect data for, that will determine whether you can operate within data protection and privacy laws and standards. No system, solution or indeed data processing can ever be compliant if you cannot establish the legal basis and justifications for those basic questions, however fancy your "tooling" is.
What we do
We are a group of specialists who have in depth industry and pragmatic hands-on implementation experience, helping organisations of all sizes navigate and stay true to the spirit of privacy legal requirements and data ethics, whilst maximising the commercial benefits of good data management.
This is about real advisory on how you can be well on your journey of becoming sustainably compliant whilst continuing with your commercial ambitions, rather than a point in time, transient tick box exercise.
Services and Capabilities include:
- Data Protection Officer (DPO) as a service or as a DPO sounding board
- Privacy Risk assessments
- Privacy support (readiness assessments, privacy notices, cookie analysis, detailed risk-based assessments on your processing activities and across all Privacy contract clauses, themed compliance reviews e.g. cross-border transfer analysis, implementation of compliance programmes and on-going monitoring, creation of Records of Processing, assistance in DSARs, augmentation of your current Privacy resource capability, outsourcing of key Privacy capabilities)
- Privacy Impact Assessments (PIA) on change activities or new processing
- Breach response reviews
- Third-party privacy reviews and creation of privacy oversight frameworks
- Design and implementation of privacy operating models
- Data protection internal audits
- Training and awareness programmes
Consultants
We have a top notch team!
Monica Sidique
A versatile and solutions-focused senior legal, privacy and commercial consultant with corporate governance prowess, information security know-how and an exceptional track record devising/implementing strategy at top-level; delivering complex change, optimising systems and facilitating compliance for all types of organisations including SMEs to large multinationals and public-sector departments. She brings with her over 20 years of experience.
An influential C-level adviser, negotiator and subject matter expert with the ability to forge stakeholder relations at all levels; championing best practices, challenging the status quo and transforming attitudes and behaviours to data privacy and its processes.
Organisations she has worked with include: M&G Plc Group (formerly M&G Prudential), Prudential Plc, Vodafone Group, Compass Group, Motorola, MBNL, Dun and Bradstreet, Ordnance Survey, and D.E.R.A. Monica is a qualified lawyer with an MSc in Information Security and an MBA (merit) from University of Warwick Business School.
Aslam Sidique
Aslam has 20 years of commercial experience within Corporate, SME and Start-up environments within Telecoms, Oil & Gas, BPO, Digital Marketing and Consulting sectors.
As part of the team, he acts as a bridge between the client’s business, Data Privacy & Information Security to delineate their requirements to work within frameworks. Improving the organisation’s compliance with GDPR and ISO 27001, reducing risks and improving customer trust.
His expertise includes ‘out of the box’ creative solution focused direction, mature negotiation skills, multi-functional collaboration across international teams, due diligence, policy development and implementation using ISO 27001 standards, risk mitigation and assurance.
Some clients include: Acacium Group UK (Health care), Pre Impact -Swtzerland (Zero Carbon Project), Akkio - Cambridge MA USA (Ai-Machine Learning), Adaptive Pulse - Ontario Canada (Ai Platform), Yape - Milan Italy (Last Mile Delivery Robots), Khartes Capital - London (Hedge Fund) , Mint House - NY USA (airbnb rentals)
Aslam holds an MBA and an MSc in Information Security and Computer Crime.
BLOGS
Thoughts, musings, and ruminations.
There are no published blog posts yet.- Contact Us
Info@privasi.co.uk
© 2020