Maren Winter - stock.adobe.com

New GDPR service aims to ease compliance challenges

Security consultants claim their software platform will address a pressing need for an effective and efficient means of complying with data protection rules

A new service designed and built by two data protection consultants aims to help organisations that are overwhelmed with the administrative burden of complying with the European Union (EU) General Data Protection Regulation (GDPR).

In the nearly two years since the regulations came into force, establishing and maintaining GDPR compliance has become a key challenge for organisations all over the world that hold data on EU citizens. Research conducted last year by security software supplier Egress suggested that more than half of UK businesses were not compliant.

Developed by Byron Shirley and Paul Saunders of Black Penny Consulting, a City of London-based digital transformation shop, The Compliance Space is designed to replace time-consuming spreadsheets with a more intuitive software interface that will make compliance management more effective and efficient.

Incorporating real-time legislative updates, the service is pitched specifically at specialist consultants and data protection officers who are tasked with supporting businesses as they strive to meet their obligations under GDPR.

“We developed The Compliance Space as we realised there was a gap in the market for a simple, cost-effective GDPR alignment tool specifically designed with the consultant – rather than just the business end-user – in mind,” said Shirley.

“As consultants ourselves, with several years’ experience advising businesses on GDPR alignment, we wanted to offer our clients added-value services through trusted partners. This is what The Compliance Space provides – an end-to-end compliance platform that not only reduces the administrative burden of GDPR, but helps significantly remove the risk of non-compliance by having everything managed in one place.

“For example, a data breach can be extremely costly for a business – both financially and reputationally – so consultants can be reassured that when they partner with The Compliance Space, they are offering a robust and proven system to their clients.”

Shirley and Saunders said the service will offer a complete solution for a single licence fee, in contrast to other online GDPR tools.

It incorporates nine modules covering GDPR topics such as subject access requests, managing and evaluating data privacy impact assessments, and so on, which can be accessed through a centralised dashboard that will let both consultants and their end-user clients check on progress.

Read more about GDPR

  • Back in 2000, there was no Facebook or Twitter and the smartphone revolution had not begun. Today, digital identities outlive the people they represent. Is it time for a GDPR for the dead?
  • A year and a half after the introduction of the EU’s General Data Protection Regulation, Fieldfisher’s James Walsh reviews the fundamentals of supply chain security.
  • Most organisations do not respond to requests for GDPR data in the one month allowed, while many return incorrect data. The education sector does best, but the public sector lags behind.

“As a partner of The Compliance Space, a consultancy will be fully trained on the platform, so it can confidently explain the myriad benefits to clients,” said Shirley. “It also provides access to data that will help inform its clients’ future GDPR strategies.

“GDPR is more than a one-time compliance issue – it requires a long-term approach. With this in mind, the platform also provides invaluable ongoing updates, so a consultant can be confident that it follows the latest changes or amends to the legislation, or a company’s obligations.”

Shirley and Saunders hope that the service will enable consultants to collaborate with clients to “operationalise” GDPR in the business – something that may become especially important in the post-Brexit business environment.

Read more on Regulatory compliance and standard requirements