DCS
Pandemics
Better communication for pandemics at all scales
While easy to make commentary about it, information remains a major challenge during pandemics. In part, this is because when a new disease emerges, authorities are almost automatically one step ...
World Water day
World Water Day – Celebrating the importance and vulnerability of the world’s water supplies
This Sunday 22 March, we are proud to celebrate World Water Day. This is an important day that highlights issues of water security and environmental justice throughout the world. World Water ...
Leading the way in protecting the most vulnerable – interview with Chief Superintendent Jon McAdam from Lincolnshire Police
Leading the way in protecting the most vulnerable – interview with Chief Superintendent Jon McAdam from Lincolnshire Police
Jon McAdam is Temporary Chief Superintendent at Lincolnshire Police currently working as Area Commander for the West area of the County overseeing serious crime investigations, response policing and neighbourhood policing ...
coronavirus
COVID-19 and Data Protection in Emergency Circumstances
As of today, the coronavirus COVID-19 is affecting 124 Countries and territories around the globe, calling governments and businesses worldwide to face an emergency situation that might continue for longer ...
child soldiers, justice
Bringing better justice to child soldiers
Trilateral Research is collaborating with the Universidad de La Sabana in the PATCH (Patterns of Child Recruitment in Colombia) project. The project aims to identify patterns and dynamics of recruitment ...
Celebrating gender equality
Celebrating gender equality
At Trilateral, we believe in the strength of a diverse, gender-balanced environment with positive work-life balance, and value the passion and talents of our team. On International Women’s Day, we ...
Why take an interdisciplinary approach to data-driven decision-making around complex social problems?
Why take an interdisciplinary approach to data-driven decision-making around complex social problems?
“Data is the new gold”. This is a sentiment that has been repeatedly broadcasted by the big tech players and politicians alike. That may be the case, but what good ...
algorithm accountability
The ACM Conference Highlights: Fairness, Accountability, and Transparency in Socio-Technical Systems
Fairness, accountability, and transparency in socio-technical systems is a research area that has attracted growing interest. Socio-technical systems shape our day-to-day experience; therefore, it is essential to address the problems ...
COPKIT ethical impact assessment
“Staying ahead of the curve” – Data-driven policing tools to combat crime and terrorism
Terrorism and organised crime are evolving phenomena with high societal impacts. Increasingly, criminal organisations use new technologies to strengthen their capabilities to support their activities, such as phishing kits and ...
Embracing data protection to shield your company from Cyber-Risks – common organisational challenges
Embracing data protection to shield your company from Cyber-Risks – common organisational challenges
Experts are increasingly recognising that data protection and cyber-security must be integrated to be effective. Specifically, focusing on IT security alone does not address data protection requirements. For example, a ...
Predictive policing, PREVISION
Empowering Law Enforcement Agencies in the investigation and prevention of crime
Trilateral joins 28 organisations across Europe who will develop a cutting-edge platform for providing practical support to Law Enforcement Agencies (LEAs) and practitioners in the fight against terrorism, organised crime ...
Garda Siochana Irish police officer behind a car, Irish crime victims
Understanding crime victims’ experience with the police
We are proud to announce Trilateral Research's new project focused on on the experiences of victims of crime in relation to their interactions with the Garda Síochána (the police service ...
SOTER blockchain
Blockchain and privacy-by-design: a holistic approach to cybersecurity for the financial sector
We are living in the era of digitalization where digital applications across all business sectors are increasing. Unfortunately, cyber-attacks are alarmingly on the rise as well, which sets new challenges ...
AI, resilience and vulnerability
AI and robotics adverse impacts – how resilient or vulnerable are we?
Individuals and society benefit from advances in human genomics, human enhancement, AI and robotics technologies. But these technologies present ethical challenges and have the potential to challenge our values, way ...
Celebrating Data Protection Day
Celebrating Data Protection Day
The Council of Europe (CoE) in 2006 launched a Data Protection Day to be celebrated each year on 28th January, the date on which the CoE’s data protection convention, known ...
GDPR challenges SMEs
What are the challenges that SMEs are facing in complying with the GDPR? A view from the field
Since the GDPR came into force in May 2018, organisations of all sizes have been grappling with the principle-based regulation. Some larger organisations, benefiting from greater resources, were able to ...
https://stock.adobe.com/uk/images/iconic-scenes-from-the-karoo-region-in-south-africa-gravel-roads-and-semi-desert-conditions/246143035
Operationalising human security in South Sudan – Operation Trenton
In complex conflicts and crises, the security of individuals and populations can be threatened in a myriad of ways that exacerbate wider insecurity and violence. Human security-oriented approaches are crucial ...
Data protection by design, GDPR, privacy
Combating child exploitation with ethically designed technology
Government services throughout the UK gather more data than the various agencies can process, leaving them wondering who might be slipping through the cracks from the lack of ability to ...

Outsourced DPO

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Serve as your DPO

Company name and contact details transmitted to the ICO Company name and contact details available to:
  • Management
  • Employees
  • Data subjects
Article reference: 37

Contact point for data subjects

  • Contact data accessible on the websites and privacy notices
  • Function as the main public contact point (email & post)
  • Guide your organisation on the possible sources of data access requests.
Article reference: 38(4)

Contact point for Data Protection Authorities
(e.g. ICO)

Liaise with the ICO in case of issues with data subjects and data breaches.
Article reference: 39(1)(d), 39(1)(e), 36

Ad hoc advice on difficult data protection issues

Written opinions on data protection queries, with an analysis of relevant issues or other relevant legislative elements
Article reference: 39(1)(a)

Regular newsletter to inform and advise on relevant developments and possible challenges in data protection

Newsletter containing the latest regulatory news and compliance guidance, and news concerning conferences and training opportunities
Monthly
Article reference: 39(1)(a)

Annual gap analysis

Audit and gap analysis to map new activities and data-processing practices
Virtual
Article reference: 39(1)(b)

Status discussion (via phone/skype) and report

Discussion and report
Every 6 months
Article reference: 39(1)(b)

Review of the privacy notices

Review of the privacy notices to ensure accuracy and advice on how to improve
Article reference: 39(1)(b)

Provide advice to the client organisation on how to carry on data protection impact assessments (DPIA) and to monitor their performance

We provide advice on:
  • Whether to carry out a DPIA
  • The best methodology to follow
  • Whether to carry out the DPIA in-house or to outsource it depending on the complexity
  • What safeguards (including technical and organisational measures) to apply to mitigate any risks to the rights and interests of the data subjects
  • Whether the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR
Article reference: 39(1)(c)

Oversee the establishment and maintenance of the Record of Processing Activities

  • Contact point for the designated employee
  • Guidance on the Record, including provision of check-lists, best practices, and methodological advice
Article reference: 39

Provide guidance on data breach handling and reporting

  • Contact point for the responsible person
  • Contact point for the ICO
  • Advice on best practices for handling data breaches, including notification requirements, reporting and identification of measures to limit damage
Article reference: 33(3)(b)

Monitor the data-protection-training activities and advise on their necessity

  • Inclusion of a chapter on training in the status reports
  • Provision of news and updates on relevant conferences and training courses (newsletter)
  • Provision of training materials, where appropriate
Article reference: 39(1)(b)

Email and telephone assistance

-
Article reference: -

Bespoke notifications to management on critical legislative, judicial, or policy developments that may impact your business

Email notification with explanation of the development and a preliminary overview of the impact on the organisation
Article reference: 39(1)(a)

Training seminar on the developments of data protection law and policy

-
Article reference: -

Review of the consistency of the internal documents concerning data processing practices

Cross-check of the consistency of the internal documents
Article reference: 39(1)(b)

Weekend and holidays data breach guidance

Data breach guidance during the weekends and holidays
Article reference: -

DPO Assist

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Ad hoc advice on difficult data protection issues

Written opinions on data protection queries, with an analysis of relevant issues or other relevant legislative elements
Article reference: 39(1)(a)

Regular newsletter to inform and advise on relevant developments and possible challenges in data protection

Newsletter containing the latest regulatory news and compliance guidance, and news concerning conferences and training opportunities.
Monthly
Article reference: 39(1)(a)

Annual gap analysis

Audit and gap analysis to map new activities and data-processing practices
Virtual
Article reference: 39(1)(b)

Status discussion (via phone/skype) and report

Discussion and report
Annually
Article reference: 39(1)(b)

Review of the privacy notices

Review of the privacy notices to ensure accuracy and advice on how to improve.
Article reference: 39(1)(b)

Provide advice to the client organisation on how to carry on data protection impact assessments (DPIA) and to monitor their performance

We provide advice on:
  • Whether to carry out a DPIA
  • The best methodology to follow
  • Whether to carry out the DPIA in-house or to outsource it depending on the complexity
  • What safeguards (including technical and organisational measures) to apply to mitigate any risks to the rights and interests of the data subjects
  • Whether the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR
Article reference: 39(1)(c)

Provide guidance on data breach handling and reporting

  • Contact point for the responsible person
  • Advice on best practices for handling data breaches, including notification requirements, reporting and identification of measures to limit damage
Article reference: 33(3)(b)

Monitor the data-protection-training activities and advise on their necessity

  • Inclusion of a chapter on training in the status reports
  • Provision of news and updates on relevant conferences and training courses (newsletter)
  • Provision of training materials, where appropriate
Article reference: 39(1)(b)

Email abd telephone assistance

-
Article reference: -

Bespoke notifications to the top management on critical legislative, judicial, or policy developments that may impact your business

Email notification with explanation of the development and a preliminary overview of the impact on the organisation
Article reference: 39(1)(a)

Compliance Support

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Data Mapping

Map the data flows within your organisation to better understand how personal information flows between departments

Data Protection Impact Assessments

Where required by the GDPR or national law, conduct or review DPIAs using our library of good practices
Article reference: 35

Consent and Privacy Notice Requirements

Revise and improve consent and privacy notices to meet transparency and accoutnability requirements

Gap Analysis

Identify gaps in your organisation's compliance with the GDPR, national data protection legislation or sectoral legislation

Data Protection Audit

Audit your organisation's activities to assess your compliance with applicable data protection law

Data Protection-by-design and -default

Work with your technical and admin teams to operationalise Data Protection-by-design and -default, using established good practice
Article reference: 25

Training

We offer general, role-based (e.g., HR) and activity based (e.g., DPIA) training. All our training materials are designed to be accessible to non-experts and easy to use

General compliance support

Support for creating required documentation, including, but not limited to Records of Processing activities, Data retention (and deletion) schedules, Personal Data Breach procedures, Subject Access Request procedures, Training materials, Legitimate Interest Assessments, etc.)

‘Risk Assessment Report and Methodology’

You can view the Executive Summary and Table of contents of the Project Solebay Risk Assessment Methodology Report.

Please sign up to the Solebay mailing list to download the Full Solebay project report.