Trilateral’s data governance services support organisations to navigate the latest regulations with confidence to maintain their high reputational standards and preserve trustworthy relationships with their clients and partners. Data Governance
Often organisations know they need to do something, but they don’t know where to start. It can be difficult to find clear information about how to implement practical data protection and cyber-security principles within your unique context.
To help organizations figure out what they need, we offer the following services:
Map your business’ requirements, identify strengths and weaknesses and create a plan. Read more.
Build policies and procedures to improve compliance and strengthen skills. Read more.
Build awareness within your team and reduce your organization’s risk. Read more.
Data Protection Impact Assessment
Assess an existing system or process and reduce your risks by understanding and mitigating them. Read more.
Map the data flows within your organisation to better understand how personal information flows between departments
Data Protection Impact Assessments
Where required by the GDPR or national law, conduct or review DPIAs using our library of good practices
Article reference: 35
Consent and Privacy Notice Requirements
Revise and improve consent and privacy notices to meet transparency and accoutnability requirements
Identify gaps in your organisation's compliance with the GDPR, national data protection legislation or sectoral legislation
Data Protection Audit
Audit your organisation's activities to assess your compliance with applicable data protection law
Data Protection-by-design and -default
Work with your technical and admin teams to operationalise Data Protection-by-design and -default, using established good practice
Article reference: 25
We offer general, role-based (e.g., HR) and activity based (e.g., DPIA) training. All our training materials are designed to be accessible to non-experts and easy to use
General compliance support
Support for creating required documentation, including, but not limited to Records of Processing activities, Data retention (and deletion) schedules, Personal Data Breach procedures, Subject Access Request procedures, Training materials, Legitimate Interest Assessments, etc.)