Data Protection Services
Are you covered? We provide data privacy and protection services when you need them!
DPO Service
Data Protection Officer
We register as your DPO with the DPC. No fuss, no delay! A fully qualified professional DPO who’s up to speed with the latest legislation.
ISO 27710 / NIST
We help you implement a privacy framework!
DPIAs / DLP Policies / Risk Register Remediation & Processor Due Diligence
Records Management
We support GDPR requirements for management of ROPAs / BCRs / DSARs / Processor Agreements & Data Retention policies.
Corporate Training
Onboarding, Annual Compliance, AppDev Privacy Controls & CyberSecurity Training!
Outsourced Data Protection Services

Data Protection Consultant Services

We Register as your DPO

Handle Customer & DPC Queries

Manage Required Records

Conduct Impact Assessments

Comply with the Latest Legislative Mandates

Comply with Training Requirements

Design & Implement PbD Objectives

Steer AppDev on Embedded Controls

Implement Key Policies (Employee Monitoring / CCTV / Anonymisation / Encryption etc)

Review DLP / WAF / SIEM Policy Bases

Liaise with Security / IT / Legal / HR and other areas on privacy matters

Flexible resource from as little as an 8 hour commit PMO

Get the support you need now

Avoid agency fees and fixed contracts

Get an experienced privacy professional with an extensive security & legal background

No commitment with money back guarantee



How to Secure WordPress

In this article we cover how to secure your WordPress site from hackers and spammers using a few simple tips and precautions.

Featured Posts

What is GDPR & Data Privacy?

Whether you’re new to GDPR or you’ve been working with data privacy for a while, it’s important to understand the basics of what it is and why it’s needed in the first place. The basic question for many people is, “What is GDPR, and why does it matter?”

As this term is the number one searched term related to data privacy on Google, I thought this relatively short primer may help clear things up.

GDPR Primer

GDPR, or the General Data Protection Regulation, came into effect in May 2018 as a successor to the Data Protection Directive of 1995. The intention of the regulations was to create one set of rules for all EU states to follow when protecting personal data.

The regulations are mandatory, as opposed to the data protection act, which was a voluntary code of conduct, and identify three main parties in the data protection chain. These are the data controller, the data processor and the data subject (an individual person), which I’ll explain shortly.

Why did GDPR come into being?

At a simple level, the rules came into place as a result of the age of big data and the internet and revelations around abuse of how our personal data was being monetised by ad-tech, data brokers, tech giants and others.

It’s widely believed that the revelations of Edward Snowden around US government mass surveillance programs, which targeted US citizens but also inadvertently included EU citizens, triggered alarm bells in Europe and pushed the issue of data protection to the fore.
Another major case recorded was Max Schrems vs Facebook Ireland in 2013, an action which Schrems won.
The issue at hand was Facebook’s failure to get his consent to transfer his personal data back to the US for further processing. This of course had larger ramifications for all EU citizens’ data and how it was automatically transferred outside the EU without knowledge or proper supervision.

Data Privacy Trends

Over the last number of years, we’ve witnessed a surge in regulatory activity on a global scale. Last year saw an incredible average of 220 regulatory change alerts per day in the financial sector alone, a tenfold increase over ten years.

We of course saw GDPR implemented in 2018, but this has spurred a raft of follow-up legislation internationally at the country and state level. In my previous article, “What is GDPR?”, I mentioned developments with the data protection acts of 2018 in Ireland and the UK.

These changes are essentially refinements and in some cases dilutions of GDPR regulations. But what about the US? Well, in 2019, 5 US states alone implemented new or updated data privacy laws, whilst in 2020 California implemented sweeping changes with its CCPA regulation (related article: “What is CCPA?”), while New York enacted its data privacy updates with the implementation of its Shield Act, which strongly focuses on data safeguards, expands the definition of private (personal) information and strengthens its breach notification rules in instances where HIPAA or Gramm-Leach-Bliley doesn’t take precedence.

Developments on international transfers have also been to the fore in 2020, with the ruling on the invalidity of the EU-US Privacy Shield (related article: “Privacy Shield is struck down”) muddying the waters for US companies doing business in the EU. It’s safe to say that each regulation has its own nuances, which is further complicated by the fact that many companies operate under multi-jurisdictional data privacy rules which are often subject to conflicting interpretation.

Perhaps one of the more interesting trends in compliance is the rise of AI and underlying technologies. I refer back to my article on CCPA regulation and the section on Innovation Automation, where I highlight 3 companies and their approach to specific data privacy challenges.

It’s apparent that regulated firms, globally, have been overwhelmed by the burden of regulation and they need automation and skilled resources such as legal compliance help, privacy practitioners (such as myself) and regtech solutions integrators to address the challenges.
Fines and reputational damage are too costly not to get it right anymore as the regulators seek to make examples as never before.

What is CCPA?

The California Consumer Protection Act or AB 375 came into effect in January of 2020. Building on pre-existing privacy laws such as CalOPPA and the Shine the Light Law, CCPA was perhaps a logical step by the California state legislature to respond to mega breaches of the Equifax (147m records) variety and the reckless behavior of Facebook in the Cambridge Analytica scandal.

So what’s in the CCPA regulations?
Applicability: It applies to any qualifying business, in any country, that has customers or employees based in California. Qualifying businesses are those that have annual gross revenues in excess of $25 Million, or trade data on more than 50,000 customers annually, or derive 50% or more of their annual revenue from selling personal information.

Sanctions: California consumers may invoke the new law where enforcement actions may include a $2,500 penalty per record for an unintentional violation and $7,500 penalty for an intentional violation. (If Cambridge Analytica happened today, that would be 50 million multiplied by $7,500 or 375 with nine zeros).
At a lower level, the act allows a “Private right of action” for California Residents, allowing claims of $100 to $750 per incident, whether actual harm is proven or not. This law is tied to the recently updated California Data Breach Notification Law AB 1130 which defined data in scope including driver’s license, social security number, email address, account numbers, as well as medical, health and biometric information.

GDPR | CCPA – 10 Steps to Designing the Right Data Protection Program

In a recent report by DLA Piper, data breach notifications topped 160,000 and fines reached 114 million Euro ($126m) since GDPR rules came into effect in the EU in May 2018. The largest of these was recorded in France, for 50m Euro against Google for GDPR violations.

In the UK, the latest Information Commissioner’s Office report shows that GDPR fines have tripled in the space of a year on the back of the BA and Marriott rulings, while in the US, the California Consumer Privacy Act (CCPA) and New York Data Shield acts have just been enacted in 2020 and will certainly see data security perp walks of sorts very shortly, if data breach history teaches us anything.
Well, let me start by saying, I’m sorry to be alarmist, but it’s my job in security to be the squeaky wheel sometimes. So, in this article I hope to set you in the right direction if you have more than a passing interest in privacy by design (PbD) and data protection regulations, in particular how EU and US registered businesses in a post-Privacy Shield era can better prepare for GDPR and CCPA regulations using a 10 point plan. The plan has been designed more toward medium to large size regulated firms, given that budget constraints for security controls like IAM and the ability or requirement to hire a data protection officer may be beyond the reach of smaller firms.

In order to prime you for these steps, may I recommend that you have a glance at the GDPR FAQs from the EU Commission press office, CCPA guidance from the Office of the Attorney General in California and the New York Shield Act text from the NY Senate, which is useful at a high level.

Data Privacy Consulting Services by Paul Rogers

Need a Data Privacy Expert?

Are you looking for a highly experienced, qualified data privacy consultant on flexible contract terms? If so, click below to find out more about our consulting services.


“We worked with Paul for our data protection compliance and security policies. Paul has all round experience across a range of verticals and brings his knowledge and understanding of this critically important area to the benefit of our business. We are very happy with the project undertaken and the results will have lasting impact on our business. We look forward to working closely with them on other projects and are delighted to recommend him to other companies.”

Our Privacy Policy

Data Protection and Privacy is of the utmost importance to us, which is why we take great care with how we use personally identifiable data. Click on the link below to read about our policy and alignment to GDPR and data protection acts.
The General Data Protection Regulation [GDPR] enacted in May 2018 includes a series of data protection rights which you should be aware of while using our site and services. These rights are captured in principles or articles which for the purposes of our policy constitute data subject rights. You can find our Data Privacy policy on our Privacy Policy Page.