Below are some of the Data Protection Compliance Services I offer. If you require any bespoke data protection services, please contact me and I will be happy to tailor a service for your organisation.
Gap Analysis
For any organisation embarking on data protection compliance, a gap analysis must be the first step in the journey. A gap analysis means to identify the gaps and omissions in compliance with the Data Protection Act, 2019. The analysis involves:
- Conducting a data map of the personal data flows
- Identifying the laws and regulations applicable for the data flows
- Advising and filling the gaps identified to be compliant
- Advising whether a Data Protection Impact Assessment is required
Remediation Measures
On completion of a Gap Analysis, organisations need to embark on remediation measures for data protection compliance. Some of the remediation measures include:
- Reviewing contracts with third parties, controllers and processors
- Reviewing and analysing existing policy framework and practices
- Reviewing data retention procedures and policies
- Assessment of marketing practices and any surveillance practices
External DPO Service
A skilled Data Protection Officer (DPO) is key to any organisation’s continuous alignment with the Data Protection Laws. A DPO can be an external or an internal officer. Though a DPO is not mandatory for many organisations not processing extensive amounts of personal data, having access to a decent DPO is helpful. A good DPO will assist with:
- Data compliance “health checks” at regular intervals
- Managing risks and advising on data protection matters
- Advising on training and capacity building of staff
- Liaising with the Office of the Data Protection Commissioner
I have extensive experience is advising organisations as an external DPO on a retainer or case-by-case basis.
Data Protection Training
Training on Data Protection laws and good practices for any organisation cannot be over-emphasised. Without adequate training by a skilled Privacy professional, organisations are exposed to extensive fines and protracted litigation. I have devised the following trainings which can be delivered online or face-to-face.
- Introduction to Data Protection
- Data Protection and Marketing
- Data Protection for Employers and Employees
- Bespoke Data Protection Training for any organisation
Please click on this link to learn more about the Data Protection training programs.
Whether it is data protection for charities or businesses, I will make the process effective, efficient and simple so you can be assured that you are in compliance of your privacy obligations at all times.
Amit Gadhia
- Advocate of the High Court of Kenya
- Solicitor of the Senior Courts of England and Wales (practicing freelance)
- Certified International Privacy Professional-Europe (CIPP/E)
- OneTrust Fellow of Privacy Technology
- Privacy Engineering Certified
- Corporate Governance Professional (ICSA – UK)
- Certified Company Secretary (Kenya)
- Commissioner for Oaths and Notary Public