Blog Post | Risk and Regulatory
Data Protection: Five years on from GDPR

Since GDPR and the Channel Islands data protection legislation were implemented 5 years ago, personal data has become increasingly valuable and its protection more critical than ever before. Getting it wrong can be costly – for your reputation and your pockets.

We sat down with Ed Mason-Smith, data protection expert and director here at CBO, to shed light on how to keep GDPR from being a headache, why we should be thinking about it in May 2023 and how trusted firms like CBO can support.

Why is data protection so important?

Ed: Data protection is crucial because it ensures that personal data is collected, processed, and handled securely and responsibly. As the amount of data being processed by companies continues to increase, there’s a higher risk of data breaches and non-compliance. If an organisation’s data does not have appropriate controls, resulting in a loss or other impact, it can result in significant reputational and financial damage for organisations, as well as a loss of customer trust.

That’s why it’s essential that businesses understand their data, policies, and processes so that they can understand their compliance with data protection regulations.

What are GDPR and equivalent Channel Island Data Protection legislation?

Ed: The GDPR (General Data Protection Regulation) and equivalent Channel Island Data Protection legislation came into force in May 2018. They set out strict requirements for organisations that process personal data. This regulation changed the privacy landscape, and businesses across the globe, as well as locally, have had to align their operations with GDPR requirements. Organisations need to ensure that processes and controls are in place to identify and manage the data they hold or process and that risks associated with this data are mitigated.

How can CBO help organisations overcome these challenges?

Ed: Our team of qualified data protection consultants can provide practical, actionable guidance based on industry best practice and our experience delivering successful change within organisations.

We offer a range of services, including Data Protection Health Checks, which are tailored to GDPR and Channel Island Data Protection legislation. Our Health Checks can help organisations understand their regulatory obligations and what they need to do to address any gaps or risks. We take a risk-based approach to data protection to ensure that changes required to achieve or maintain compliance are pragmatic and can be implemented effectively.

Can you tell us more about the Data Protection Health Checks you offer?

Ed: We understand that every organisation’s situation is unique, which is why we offer three levels of Data Protection Health Check.

Our Rapid Review provides a Red-Amber-Green (RAG) Report against a standard set of processes and policies recommended for compliance and includes recommendations for remedying any compliance gaps.

Our Targeted Health Checks are a more focused, risk-based analysis of an organisation’s data protection compliance, including a risk register and an Implementation Plan to address each risk.

Finally, our Full Data Protection Audit is a comprehensive and detailed audit of an organisation’s data protection requirements. It provides a suite of project governance documents that set organisations up with a fit-for-purpose structure to deliver the required changes to achieve compliance.

Why choose a CBO data protection health check?

Ed: CBO is a well-established and respected professional services firm that has a team of experienced and certified data protection consultants. We can help firms assess their compliance level, identify potential risks, and provide practical solutions to address any issues. CBO’s approach is tailored to the specific needs of each organisation, and they work closely with their clients to ensure that they achieve and maintain compliance.

Want to learn more?

If you are interested in learning more about our Data Protection Health Checks or speaking to one of our data protection experts, please get in contact or read our service overview here – Data Protection Health Checks – CBO Projects.
