I have experience and qualifications in assessing the legal requirements for personal data protection, in privacy program management and the jurisdictional requirements for cross border personal data flow.
In simple terms this is what privacy management provides:-
1) An assurance of compliance against privacy litigation
2) Correct management of personal information
3) Strategies for the management of privacy processes to reduce the reputational damage from a breach
4) Strategies for the management of and damage limitation from a breach in the unfortunate circumstances of it actually happening ..
I can do this in two ways
1) be your Data Protection Officer
2) be your Privacy Manager
In 2017-2018 I worked with the Cabinet Office Government Digital Service (GDS) privacy manager to ensure that all my projects were GDPR compliant
I investigated cross border transfer aspects of the procurement of Online Tools (Art.44-50).
Assisted with records made of the legal basis of processing and storage of data for various projects (Art.30)
Investigated the legal bases of processing vs data subject rights (Art.12-23).
Designed privacy policies for various projects including for the GOV.UK platforms (Art.25)
Undertook multiple Data Protection Impact Assessment (DPIAs)(Art.35) for GOV.UK platforms.
Undertook Privacy Impact Assessments (PIA) (Art.36) together with Data and System design (Art.32)
Assisted the Cabinet Office Data Protection Officer (DPO) in the delivery of his responsibilities (Art 37-39)
I have studied with the International Association of Privacy Professionals and hold their Certified Information Privacy Professional/ Europe (CIPP/E) and the Certified Information Privacy Manager (CIPM) certifications verifiable from this page
I am expert in European and British privacy law having been examined on this body of knowledge and in privacy program management on this body of knowledge
I am also expert in Privacy Engineering, a super-set of the Information Security controls with which I have worked for some 20 years and hold the NCSC CCP, and ISC2 CISSP and CCSP certifications.
