Challenge

What challenges were you and your team experiencing prior to working with us – what prompted you to seek a solution? Prior to the introduction of the EU GDPR, we had developed a mature and considered approach to data protection compliance. Given the potential risks in managing large volumes of personal data during a rapid scale-up phase, we decided to appoint a subject matter expert to be able to take a holistic view of our governance framework and assess its capability based on future activity rather than on existing processes.

How did you go about searching for the solution and services? As part of the consultant selection process, one of our key requirements was engaging with a practice that was able to appreciate the practical challenges around processing large volumes of personal data and implement pragmatic and sustainable solutions, whilst helping us build an internal data protection capability in step with our growth plans.

Please describe the reasons you decided to work with us. We spoke with a few consultancies and liked Evalian’s pragmatic approach, they were friendly and helpful and really knew what they were talking about. After a thorough gap analysis, we were confident that they had a good understanding of our business.

Did you have any expectations going into the process? We had not appointed data protection specialists before. We had been reliant on our legal team. Faced with a significant increase in workload it soon became evident that our legal team may struggle to provide the advice and support required by the rest of the business. We wanted to see whether outsourcing to a specialist would match our needs. And it did.

Solution

Can you describe the process we took your business through and anything you learnt about your own business through working this way? After an initial intense discovery phase, Evalian® supplied us with a detailed data map and gap analysis in order to develop a remediation plan. We feel far more confident in managing our business risks in relation to personal data. We feel we are in a good position to grow with confidence.

Were there any challenges you found along the way and how did you feel we or your consultant, helped to support you through that? As a fast-growing company, it is sometimes difficult to balance the work needed to develop the company quickly and at scale, with GDPR requirements. It was helpful having Evalian® as a partner and to take some of that weight off in the initial phases.

What changes did you make as a result of working with us? We have built upon our data protection governance framework, including a comprehensive set of policies and an effective training programme.

Impact

What has been the most significant achievement for your business facilitated by working with us? We have greater staff engagement in data protection and information security across our organisation.

What impact has the results from working with us had on your clients/stakeholders? After improvements to our data protection governance framework and creating a more robust security posture, our clients and staff have more confidence that we are doing everything the right way when it comes to data protection.

What do you hope to achieve in your future working relationship with us? We will continue to work with Evalian® as our Data Protection Officer and further develop our knowledge, understanding and compliance with GDPR.

Learn more about our Outsourced DPO Services.