Data Protection and GDPR
The Client’s Needs
ICSR were asked by numerous clients nearing the time for operation of the Data Protection ACT 2018 and the EU GDPR to assist them with the creation of the appropriate policies and procedures to comply with GDPR. These clients included start-up and established brokers, MGAs, Lloyd’s Syndicates and London Market insurers.
ICSR’s Solution
ICSR approached the work according to the instructions received, in some cases reviewing draft policies and procedures and Data Subject Notices and in others creating bespoke wordings in accordance with the style and approach required to meet the clients existing arrangements. Following agreement on the Policies, ICSR was in many cases asked to assist with the implementation of the procedures, particularly the data subject requests, and spent considerable time with the clients on ensuring that these were implemented so as to work with and in the client’s existing operating model using existing resources.
In a number of cases ICSR have been retained to support ongoing Data Protection work.
Resources Deployed
ICSR deployed a team of resources including experienced risk, control and compliance professionals to help the clients.
Client Outcome
Our clients completed the roll-out of their new control framework on time and within budget.