Globalcyber and information security experts, ThinkMarble, are today launching a Virtual Data Protection Officer (VDPO) service, to provide UK businesses with access to a highly-skilled team of cyber security and risk mitigation lawyers that can act as their Data Protection Officer (DPO) under the EU General Data Protection Regulation (GDPR). The lawyers will be working alongside ThinkMarble’s multi-disciplinary team of security analysts, incident responders and penetration testers to provide a fully comprehensive and bespoke service to each business that draws on its expertise in UK and EU data protection law.
For public bodies and many private businesses, appointing a DPO is a mandatory requirement under the GDPR, which comes into effect on 25th May 2018. ThinkMarble’s new VDPO service will assist organisations in complying with the new regulation and remove the need to recruit expensive, full-time, in-house compliance staff.
The new service will offer companies access to a team of data protection legal and risk specialists who will act as trusted advisors, liaise with the ICO and make sure they comply with legal and contractual data security obligations. They will also act as the main contact point for data subjects, such as employees and customers, and help raise awareness and train staff on the importance of data protection. Another important function is to provide regular, comprehensive reports that advise on appropriate data security measures and risk mitigation at board and management level.
Robert Wassall, Data Protection lawyer and Head of Legal Services at ThinkMarble, comments: “The role of the DPO is at the heart of this new legal framework and will be an integral cog in any company’s ability to prove that they are not only compliant with the new Regulation, but also in demonstrating the highest level of accountability should a breach occur.
“A DPO should be appointed based on their knowledge and expertise in the field of data protection. They must be independent, credible and show integrity – this is difficult for a current employee, whether they are the Head of IT or at Director level, as this will represent a conflict of interest. Equally, you cannot expect to send an employee on one of the many advertised EU GDPR short courses and expect them to come away as an expert in data protection and law.”
Andy Miles, Founder & CEO at ThinkMarble, adds: “The clock is ticking, and time is rapidly running out for businesses that need help in navigating this perfect storm of Information Security and the GDPR. We are bringing together the combination of experience, knowledge and strategic guidance that will make complying with the new regulations more achievable and remove many of the management and budgetary headaches that company boards are suffering today.
“Over the last 18 months we’ve been helping companies prepare for the 25th May and the launch of our VDPO service allows us to offer a company of any size a full end-to-end service under one roof. With our unique combination of our 24/7 Security Operations Centre team, incident responders, red team and expert data protection lawyers, businesses can be confident that they are prepared for the impending and ongoing regulatory requirements.”