A readiness programme covering four phases to help you improve your data protection practices and prepare for the General Data Protection Regulation. We can help with awareness, data mapping, programme design and management, programme implementation and ongoing support.

Privacy and data protection has never been more important. Digitalisation and ‘digital first’ business models and customer experience strategies have made personal data more valuable than ever. Customer engagement is built on trust and individuals want to know what their data is being used for and why. They also want to control the circumstances where their data is being used to market goods and services to them. GDPR is only a part of the legislative framework. Organisations already need to comply with the Data Protection Act 1998. Many will also need to comply with the Privacy and Electronic Communication Regulations (PECR), which is expected to be replaced once the new ePrivacy Regulation passes in to law. We can help you meet your privacy obligations and implement best practice. Our services cover: Data protection and GDPR readiness subscription services, including telephone and email support Out tasked data protection management Data protection health checks Applying data protection by design Data protection impact assessments (PIAs) Privacy notice, policy, procedures and guidance reviews Subject access request procedures Data mapping Record keeping Information risk management Information security Awareness training Executive briefings

GDPR The EU General Data Protection Regulation (GDPR) comes in to force on 25th May 2018 and will apply to all organisations within the EU and to any non-member states that offer goods or services to EU residents. The UK is committed to GDPR notwithstanding the Brexit vote, and a new Data Protection Bill will be introduced to parliament this year to pave the way for the new regime. Whilst in many ways an evolution of the existing data protection laws, the GDPR will profoundly reshape the way that organisations handle data governance because many do not meet the existing compliance standards. GDPR extends and broadens the types of personal data that are protected and increases the rights of data subjects. Data controllers and data processors will have new and substantial obligations to meet and will be expected to demonstrate accountability for protecting the privacy of personal data. The potential penalties for non-compliance increase significantly and are intended to be dissuasive. In addition, the regulation will codify the rights of individuals to claim compensation for distress and to launch ‘class actions’ in certain circumstances. Our GDPR Readiness Services provide organisations with an approach to understanding the regulation and their obligations; development of a tailored and prioritised readiness framework; implementation services and programme management; and ongoing data protection support and services. We provide these across four phases as follows Phase 1: Understand: This is the starting point for organisations with limited knowledge of their data protection obligations and what GDPR means for the.  Our services cover awareness training, executive and stakeholder briefings, assessment of your current preparedness for the regulation and review of your information security regime as compared to best practice. Phase 2: Define: We define the scope of compliance for your organisation by gathering information about your processing activities and plans, Also, on the data protection procedures and working practices you have in place. We prepare a GDPR readiness framework and programme for your organisation with defined work streams and priorities. Phase 3: Implement: We work with you to implement the framework and deliver the work streams agreed at Phase 2. We can support and help programme manage internal implementation or we can manage the full implementation process for you. Our services can be provided as consultancy or on a subscription basis, providing you with access to knowledge and resource as you need it. Phase 4: Manage: Having implemented new procedures and working practices, it will be important to maintain and operate it as part of an ongoing lifecycle. This will help embed privacy into your culture and also prevent the working practices and procedures falling out of use as your business and key personnel change.  We can help you maintain your management framework and assist with your ongoing data protection obligations. Again, our services can be provided as consultancy or on a subscription basis, providing you with access to knowledge and resource as you need it.

Contracts are the lifeblood of any business. With regulatory requirements, risk management, and cost control high on executive agendas, many companies are looking for the increased management of contracts for enhanced visibility, control, and performance.

Review centers designed to protect your data and promote productivity Our clients’ matters cut across jurisdictions with different data privacy and protection regulations. In most instances, the safest and often only way to conduct a review is in the region where the data originated. That’s why Privacy Counsel Group has a global network of review centers stationed at strategic locations across the globe—from New York to London to Frankfurt to Shanghai, and places in between. All of our review centers are outfitted with the security needed to protect your data and a design that promotes productivity to keep costs within budget. Highlights include: Building and network security. On-site review managers. Convenient Access. Efficiency & Value.

Expert review services that increase quality, efficiency and cost savings Staffing Skilled legal professionals when and where you need them. Privacy Counsel Group’s pool of skilled legal professionals has proven experience performing document review, ranging from simple responsiveness coding to complex and specialized decision making. Our global reach enables our clients to quickly staff any project with qualified, multilingual reviewers for complex reviews. Privacy Counsel Group staffing service offers: Expert recruiters with local market expertise can staff projects in as little as 24 hours. Access to a database with thousands of pre-screened, multilingual law professionals. To learn more about Staffing, contact us. Interested in joining the Privacy Counsel Group Review Team? Click to submit your CV  

Processing technology and services that foster fast, efficient reviews Production of unstructured data is only as good as the team that processes them.  Privacy Counsel Group’s Data Processing service is designed for corporations and law firms that require fast, accurate and complete metadata extraction, culling and duplication. With over ten petabytes of data processed, we have the tools and best practices to process even the most complex data corpuses.  We use best-of-breed technology, to process an array of non-traditional data types, including audio and multiparty chat transcripts. Privacy Counsel Group’s data processing service is supported by our consultative, experienced project management and operations teams and can be delivered across the globe in our dedicated centers or on premise at our client’s facilities.

When a legal matter requires data collection, organizations are naturally concerned that an outside team will understand the mandate, cultivate strict collection protocols and be reasonably priced. Privacy Counsel Group covers all the bases while maintaining a client-centric approach from start to finish. After consulting with the client to identify the location, format and volume of potentially responsive data, we then work to construct the most cost-effective collection strategy possible. Throughout the process, we are always available to advise on any data privacy or jurisdictional considerations that may arise. Privacy Counsel Group uses a vendor-agnostic approach to collections, combining well-established collection methodologies with a flexible set of tools and procedures. This allows our global collections team to customize our response to fit the situation, taking great care to avoid disruption of a client’s business operations. We liaise between legal counsel and the client’s IT staff to maintain proper records and comply with all agreed-upon collection methods. Every step of the way, our practices and protocols maintain an airtight chain of custody, preserve metadata and avoid any claims of alteration, ensuring the data can be properly authenticated in court.

Manage your eDiscovery workflow with a custom-designed solution providing scalability, security and efficiency at a predictable monthly cost Properly supporting eDiscovery workflows demands significant investments — capital to build out installations and redundancies, time to develop best practices and operating budgets to recruit, train and retain specialists — all with efficiency, scalability and security in mind. These investments, exceeding millions of dollars and years of effort, are inaccessible to most organizations. With Privacy Counsel Group Managed Services, leaders in law firms and corporations leverage our multidisciplinary project team, robust & scalable global infrastructure and workflow automation and innovative technologies to meet eDiscovery needs at a low, predictable monthly cost. Flexible Solutions Designed to Meet your Needs Have power users that want to process and upload data? Need our support team to handle overflow administrative tasks? Our flexible Managed Services model provides cost-savings and support infrastructure when and where you need it without burdensome terms and associated costs. Privacy Counsel Group team can explore your needs and walk you through an ideal solution that works for your organization.