HB&O’s GDPR Commitment

Our clients share extremely confidential information with us, so we take our commitment to data privacy seriously.

In October 2017, we engaged with a local GDPR consultancy, Risk Evolves, to ensure that:

  • Senior Managers understood the requirements of GDPR and could support staff
  • Staff were fully trained
  • Our information audit was comprehensive and robust (this looks at what data is held and taken)
  • We could confidently review the way data is processed and identify any areas for improvement
  • Our data privacy impact assessments met GDPR requirements
  • We could confidently assess our third parties’ readiness for GDPR
  • We had a policy framework and governance
  • We had robust processes for Data Subject Requests and knew what to do if we suspected a breach

To give our clients reassurance, we adopted the Information Assurance for Small Medium Enterprise (IASME) standard together with the optional module for GDPR Readiness.

Our commitment to GDPR is ongoing so we have been certified to IASME ever since. This ensures that all members of the team – old and new – understand the importance of GDPR and conduct themselves in a compliant manner.

HB&O have been certified to Cyber Essentials since 2016 and to IASME since 2018.

More information on the IASME & GDPR framework can be found on the IASME website.

HB&O’s Privacy Policy