Speak to a lawyer
If you want to comply with the law, you get a lawyer, right? You may already have a lawyer that you trust. If not, there are some great privacy and data protection lawyers out there – and if you would like a recommendation, I’m happy to provide one.
Pros
- They will know the law (a good start!)
- If you already have a lawyer that you trust, it may be a safe bet
Cons
- This option can be frighteningly expensive
- They’re unlikely to know enough about your business and its data
- Their ideas could be more ‘legal’ than ‘practical’
In my opinion, lawyers are better placed for when something goes horribly wrong, or when you need complicated, bespoke advice on a particular transaction or project. They’re less suited to coming up with a cost effective and comprehensive privacy compliance programme.
Solve it with software
Prior to the introduction of the GDPR in 2018, there was an influx of software providers claiming to be able to solve your privacy needs at the click of a button. Some software can definitely help. But often it’s not as straightforward or as complete a solution as it claims to be.
Pros
- Software can use automation to speed up some tasks
- It can enable organisations to demonstrate performance of some privacy measures
- It can be helpful for large organisations
Cons
- Software doesn’t tell you how to build a privacy compliance programme
- It requires someone who knows privacy law and how to use the software
- Software often appears complicated and lacking in structure
- Software only automates some of the tasks associated with privacy compliance, such as subject access requests and auto deletion
- There are often additional integration expenses and other hidden costs
There is no software solution that can do the whole job for you. Technology can be useful, but organisations will still require a knowledgeable individual to assess the landscape, and deploy software appropriately. It can be expensive to implement, especially when additional consultancy and integration fees are taken into account.
Do it yourself
If you have the time and the enthusiasm, you can tackle privacy compliance yourself. There are lots of free resources on the internet including the ICO’s own website. It can be time consuming and daunting though.
Pros
- There are no consultancy or software costs
- There’s plenty of free information available online
Cons
- It’s difficult to know where to start, or what to prioritise
- It’s easy to feel overwhelmed – there just seems to be so much to do!
- It requires a huge time commitment to read, learn and implement everything without really knowing whether you are doing it right
In short, this approach is ok if you don’t have the money right now for a quicker and more effective solution.
Employ somebody
Many organisations opt to employ somebody well versed in privacy matters if they don’t already have someone with the knowledge within the organisation (or the enthusiasm to retrain).
Pros
- They should be an expert and will get to know your company and how it processes data
- They will always be available to answer questions
- Potentially, they can act as your DPO
Cons
- The right person can be difficult and very expensive to recruit and retain
- If they don’t succeed in building a sustainable, demonstrable programme which spreads knowledge among other stakeholders, that knowledge is lost when they leave
- They may still need the support of software to make their job easier
Get the right person and this is a good solution, but that’s not always a given. Not only do they need the privacy expertise, but they need to be able to motivate your leadership team and staff to embed a culture of privacy within your organisation.
The Privacy Compliance Hub
The Privacy Compliance Hub offers a simple, structured, comprehensive, privacy compliance programme to best manage your risk. Built by tech lawyers with a proven track record of protecting the reputations of leading organisations, the Hub builds a culture of compliance within your organisation, making it easy for everyone to understand privacy and commit to protecting it.
Pros
- The Hub successfully reduces the risk of fines and tarnished reputation
- It enables you to understand the requirements and confidently implement them
- It includes relatable training content so everyone’s on the same page
- It provides the required data protection assurance to your clients and partners
- You’ll have access to powerful reporting tools, so you can always demonstrate your compliance
- It’s cost-effective
Cons
- It isn’t a silver bullet
- You still need a nominated project manager (can be internal or external) to drive the programme contained within the platform
We built the Hub to be the simplest and most cost-effective privacy compliance solution for organisations of every size. It tells you what to do and how to do it, it gives you everything you need, and it enables you to demonstrate your compliance, all in one place.
Want to find out more? Get in touch.