GDPR compliance 
support services

We help law firms and accountancies prepare for the General Data Protection Regulation (GDPR) and stay compliant post 25 May 2018.

Contact Us

What is GDPR?


If you process personally identifiable information (PII) in the UK, then you should already be complying with UK legislation – specifically, the Data Protection Act 2008.

However, the General Data Protection Regulation (GDPR) tightens up the control and processing of data for all EU citizens. It is the consequence of the EU’s desire to guarantee individuals’ privacy rights in a digital world.

The biggest difference is that GDPR has teeth. Effective in May 2018, the GDPR requires mandatory notification upon breach, with penalties of up to 4% of global turnover or €20 million – whichever is greater. Custodial sentences will also still be possible for data protection breaches under other UK legislation.

While most, if not all businesses have begun to understand GDPR, many are just not prepared. No doubt your firm will store vast amounts of information on clients, much of which would be considered sensitive data.

Not only is this data held centrally, but it also needs to be accessed by people on the move using mobile devices, via email and other channels. Even the most diligent firm is likely to have compliance gaps, unless they are already well underway with their plans. Put simply, there is a lot to do. It takes time. 


Get GDPR compliant
Accelerate your readiness
Avoid fines
Talk to the experts
Embed compliant processes
Data protection specialists

Ensuring compliance


To be GDPR compliant you’ll need to demonstrate accountability for how you store, maintain and protect both your client and employee data. You shouldn’t underestimate the effort required to develop policies, embed new processes, educate staff and ensure the right security and encryption is applied to all your devices.

There’s no doubt your firm could implement these changes by yourself. There is a wealth of information online if you have the time and resources to plough through the detail. Yet there is no set of overarching standards or template. You'll have to figure out your approach on your own.

If this doesn't sound very appealing, you can turn to experts like Oosha to help accelerate your readiness and keep you compliant. Not only does this leave you free to focus on running your business, you’ll also have the peace of mind of having a GDPR specialist on hand to provide ongoing advice and support.

Initial assessment

Initial Assessment

We'll help you assess both your operational readiness as well as your information security. Through network scans, on-site interviews and physical security checks we can quickly determine if you a meeting your GDPR obligations. And, if not what needs to be done to close your compliance gaps. Our initial assessment includes:

Automated, self-running network scans
  Scans performed by specialised tools, which are more comprehensive        compared to human spot-checks.

Onsite walk-through & role-based interviews
  One of our information security experts will interview your key staff            about your current policies & procedures and conduct a security walk-        through of your site/s.

Detailed, practical Risk Treatment Plan
  Your current GDPR and information security risks and how they can be      resolved.

Network Assessment
Operational Review
On-site Audit
Stay compliant
Cost-effective payment model
Regular network scans

Ongoing GDPR compliance

ONGOING compliance

The GDPR shouldn't be treated as a one-off, checkbox exercise. Compliance is an ongoing process, so even if you are compliant today things can change - you have to be aware if/when your compliance status is at risk. That's why our service includes regular, scheduled compliance checks. To make sure you stay compliant we provide:

Ongoing, scheduled network scans
  Monthly updates alert you to any new GDPR risks, meaning you will        never slip out of compliance.

- Policy and procedure pack
  An “out of the box” policy pack that you can tailor to your particular        situation.

Annual compliance review
  Our GDPR expert will engage with your DPO on an annual basis to          review any ongoing compliance concerns

Talk to an expert

We would love to hear from you. Drop us a line and we'll call you right back to discuss your GDPR needs.

Contact Us