Support Desk Services
Starting with a one-off ‘health check’ with you and your team, we would spend the day on site to discuss and discover your current situation (£500) (1). The report from this identifies any issues, and the most cost-effective option for you – including potentially the other packages we offer.
Then, from £149 per month (2) our qualified consultants are available to nominated individuals in your organisation during the working day to answer queries and issues. It may be a complex Subject Access Request (SAR) has been submitted, or you have a suspected data breach to deal with. We can advise the best way to handle things. We can also review your paperwork (remotely or with a visit) to ensure that your processes and procedures are in line with your policies, and in turn with the legal and regulatory framework.
Best Fit: A medium sized organisation requiring advice on a regular basis.
(1) Not necessary if JEM have already conducted a detailed gap analysis with you.
(2) Minimum term is one year. Price depends on size of organisation and the maximum dedicated time guaranteed to you. VAT is applicable.
Time Banking
Time banking with JEM couldn’t be simpler: Choose a block of time: 1, 4, 12 or more hours – valid for 12 months, and pay a one-off charge. When you have a query, contact us by email or phone, and we will respond within 1 working day although responses are likely to be faster wherever possible (1) .
We do not insist on a health-check prior to starting this level of service, but clearly the better prepared you are, the more effective the use of your banked time.
And if a particular incident (for example handling a breach that requires ongoing communication with the regulator) means we exceed your remaining time-bank, JEM will continue to work with you until the issue is resolved[2].
Costs:
- Please mail Jim.wilks@jem-gdpr.co.uk to discuss the current price list. Note: All charges subject to VAT.
Best Fit: A small organisation with irregular or ad hoc need for specialist support. When needed, it is likely to be at short notice and urgent, with managed and manageable costs.
[1] 9am – 5:30pm, Mon- Fri exc. Bank Holidays. Any delays beyond this will be responded to as quickly as possible but will result in no deductions from your time-bank. Support will be either by phone or email. Meetings generally will be by conference call or Skype. Banked time is billed in 15-minute increments. We will keep you updated on the state of your account and advise if you are running close to your limit.
[2] JEM may choose to bill at a rate to be agreed, but no more than £75 per hour, until a new pre-pay contract is agreed.
Project Services
Have your auditors suggested there is work to be done on your privacy? Are you concerned that your documentation might not deliver under pressure? Have you received a Subject Access Request (SAR), and struggled to know where to look for the relevant data, let alone be sure you’ve got it all?
It might be time to ask: Are the right people doing the right things at the right time for the right reasons?
No matter what your need, JEM are happy to deliver, be it a 1 day review or a 6 month engagement.
To date our clients have used this service primarily to understand what is required of them to move towards compliance (a gap analysis resulting in a Board report and project actions), but there are many other use cases. As qualified DPOs, GDPR Practitioners and Project Managers, all our consultants are well versed in what ought to be happening and how to make it so.
We will work with you to discover what areas you’d like covered, and suggest the most effective ways of achieving your goals. We can run ‘mystery shopper’ tests, or process walk-throughs, training courses, process mapping, and adapt to whatever suits the style of your organisation.
Best Fit:
Start up, Small or Micro business, who are looking to understand their current position and to create an action plan.
For all sized companies, support for annual or one-off events such as DPIAs, audit preparation, post-event discovery and reporting, M&A due diligence.
Also works well for events that repeat, but are of varying frequency: training, quality reviews, mystery shopper, integrating legislative updates etc.
Outsourcing the Data Protection Officer Role
As well as providing Data Privacy Services we also offer an Outsourced DPO model This is a bespoke service, designed to meet the needs of those organisations who are deemed by the regulators to require that little bit extra – typically this includes Public Bodies and those dealing with Sensitive or Personal data as a core part of their business.
You can choose as much or as little as is required, although we will advise on any conflicts-of-interest and stress points identified if certain responsibilites are kept ‘in-house’, plus options to reduce those conflicts.
Outsourcing the DPO function is a good way to ensure the independence of the role, and is specifically supported within the legislation for this purpose.
Best Fit: Where appointment of a DPO is mandatory (such as the Health sector), but the skills or dedicated resource are not available in-house