Data Protection Services

Privacy & Protection

HELPING YOU MITIGATE RISKS

Most businesses don’t have the resources or practical experience in Data Privacy Impact Assessments, breach notifications, correspondence with Data Protection Authorities such as the Information Commissioner’s Office, and general business operations to reliably lead on regulatory compliance readiness and the Data Protection Officer (DPO) role. That’s where we come in. We offer a variety of compliance services to support and enable your business goals.

BDM Squared offers a client-centric, comprehensive service for organizations of all sizes, in which we assess and advise our clients on how to safeguard, manage, process and store personal and sensitive data to ensure compliance with the organization’s legal and regulatory obligations. We are versed in GDPR, PIPA, HIPAA and other international data protection regulations. We go beyond reporting non-compliance: we walk our clients through the remediation process to full compliance.

GENERAL DATA PROTECTION REGULATION (GDPR)

The General Data Protection Regulation, or GDPR, came into effect on May 25, 2018, and specifically targets how businesses and the public sector handle the personal data of 750 million European citizens. This means any company that holds any data on EU citizens, from personal information such as credit card numbers to even a simple photo of the citizen, is subject to GDPR. Although this law exists in the EU, its reach will be global, so businesses outside of the EU could still face penalties and fines if they do not comply with the legislation.

BDM Squared is your gateway to compliance offering:

✓ Emergency Breach Response Management

✓ Vendor Due Diligence

✓ Corporate Binding Agreements and Joint Liability

✓ Change Management & Personalized GDPR products

✓ Practical and Direct Administrative Support

✓ Disaster Recovery and Business Continuity Review & Development

✓ CCTV Registration & Contact with Data Protection Authorities

✓ Data Privacy Strategy Review & Development

✓ GDPR Awareness Review & Training

✓ Policy Reviews & Terms and Conditions Updating

✓ Incident Response Procedure, Review & Development

✓ Subject Identity & Access Management, Policy Review & Development

✓ Data Privacy Impact Audit/Assessment

✓ Privacy Risk Management Review & Development

ADMINISTRATIVE SERVICES

There are a number of administrative tasks that are key to data privacy and protection. We offer a variety of administrative services to support and enable your business goals related to Data Protection.

✓ Personalising training materials/presentations

✓ General filing and Confidential Waste Management

✓ Promoting a culture of data privacy and cybersecurity by design and default

✓ Document Management (Digital Migration, Scanning, Uploading, Cloud & Third-Party Logs)

✓ Coordinating Subject Access Requests (SARs) and assisting with compliant handling and investigations

✓ Assist with the creation, roll-out, and maintenance of the team’s GDPR/PIPA procedures and standards, ensuring compliance with GDPR/PIPA obligations

✓ Data Audits/Assessments

✓ Researching GDPR and Cyber Security news and updates

✓ Providing administrative support for the GDPR/PIPA Programme

✓ Issuing revised contracts/letters to third party suppliers

✓ Issuing, tracking and reporting of notification letters for contracts

✓ Compilation of data from various systems to produce status reports

✓ Manage GDPR/PIPA mailbox, taking responsibility for processing GDPR/PIPA client queries, requests for GDPR Questionnaires, Addendums, etc., and coordinating responses with or signposting to various internal and external stakeholders in a timely manner

CYBERSECURITY SERVICES

Cybersecurity is a critical component of a modern business strategy.

We offer a variety of cybersecurity services to identify and mitigate risk and reduce vulnerability:

✓ Risk Management Review & Development

✓ Emergency Breach Response Management

✓ Vendor Due Diligence

✓ Cloud Security Planning

✓ Penetration testing – Monthly/Quarterly/Annually

✓ Compliance Accreditation (Cyber Essentials/ISO-27001)

✓ Disaster Recovery and Business Continuity Review & Development

✓ Security Strategy Review & Development

✓ Security Awareness Review & Training

✓ Security Policy and Procedure Review & Development

✓ Incident Response Review & Development

✓ Identity & Access Management Policy Review & Development

✓ Governance Charter Review & Development

✓ Threat, Vulnerability & Risk Assessment

LET’S GET TO WORK

We’re just as excited as you. No matter the size of the project, our team is ready to help!