Our Services

GDPR Compliance Assessment

Undertake a 5-day assessment to assess the compliance of your business and technology processes within the business. The output is an actional report for GDPR project planning.

GDPR Health Check

Many organisations have already undertaken considerable amount of time and effort to meet the GDPR enforcement date of May 2018. The 10 day GDPR health Check is an assessment of the current GDPR compliance documentation and prepare an audit analysis where this does not align with GDPR. The GDPR Health Check is a detailed report on the current state of your GDPR compliance and offers advice on remediation that may be necessary. The service is particularly beneficial for organisations who wish to deploy automated tools for compliance and potential certification in the future.

CCPA Compliance

For organisations in the UK and Europe that collect and process personal data on Californian consumers they will need to comply with the Californian Consumer Protection Act, CCPA, as from 1^st January 2020. CCPA is closely aligned to GDPR but with specific differences. HighQuest Solutions provided consulting and advisory services to assist organisations meet CCPA compliance.

Governance Management Frameworks

We provide services based on the CoBit 5/2019 governance framework. Working within this framework we provide you with the delivery of a robust governance solution for IT departments and business units. We also provide controls audits using the ISAE 3402 audit standard. This standard defines how a controls effectiveness audit should be conducted. They allow for the assessment of controls over time to confirm that they are proven effective. For these audits we use the COBIT 5, Governance Framework, and ISO27001:2013, the International Standard for the Management of Information Security, as the primary frameworks for the ISAE 3402 audit method.

Legal Advisory

HighQuest Solutions provides legal advisory for international data transfers, including Brexit implications for UK data controllers, Privacy Policy statements, consent and legitimate interest for handling personal data. 

GDPR and CCPA awareness training

One day practical training for business and senior managers. HighQuest Solutions also provide an online training course for end users in both GDPR and CCPA compliance and security awareness.

DPO and International Representation

Many clients prefer to outsource various elements within their business, and to meet these needs we offer a Data Protection Officer as a Service and for a post BREXIT age, we provide non-EU clients with EU representation service, Article 3 GDPR, and for non-UK clients we can provide UK representation service.

Data Processing Compliance

Identify and document the business process involving personal data processing to identify:

• What personal data is processed and the purpose for processing?
• Is there the correct consent or legitimate interest for processing? 
• Where is personal data stored and is it secured? 
• Who has authorised access to personal data? 
• Where is it being transferred (cross border and third parties)? 

We can conduct a detailed assessment to establish where there are gaps in compliance and provide a remediation roadmap with key requirements of the GDPR.

HighQuest Solutions can provide all the necessary compliance documentation to support Article 30, Record of Processing, and other associated documentation with GDPR, such as Standard Contract Clauses, Contracts with 3rd parties, DPIAs, LIAs, ISO 27001 ISMS and security policies. We are also able to introduce Privacy Management Software to enable our clients to maintain their ongoing compliance maturity which is normally implemented as part of our DPO as a Service.

Risk Assessment and Management

HighQuest Solutions provides ISO 27001, the standard for information protection, consulting and implementation. We also provide an audit service in preparation for ISO 27000 certification.

Security by Design

Design and implementation of security solutions for meeting GDPR compliance. We have partnered with several leading vendors to provide solutions for threat and response analysis, process execution control, data encryption and end point protection solutions. We also provide Cyber Essentials Plus service for clients who want to be certified, especially in the supply management chain.

Virtual Online Security Officer, VOSO, service

HighQuest Solutions provides an online Virtual Online Security Officer service for organisations that need to manage their risk, security policies and Cyber Essentials Plus posture. For organisations wanting to undertake Cyber Essentials Plus certification we can provide this through our specialist partners.