IT Governance announces launch of independent sister company GRCI Law Ltd

Ely, United Kingdom4 December 2018 – IT Governance, the leading provider of cyber risk and privacy management solutions, is delighted to announce the launch of its independent sister company GRCI Law Ltd.  

GRCI Law Ltd is a wholly owned subsidiary of GRC International Group plc that specialises in data protection and privacy law, including the DPA (Data Protection Act) 2018 and the EU’s GDPR (General Data Protection Regulation), cyber and information security, and legal and compliance advisory services.  

Alan Calder, founder and executive chairman of IT Governance, said: “GRCI Law doesn’t operate in the traditional way a law firm operates. In fact, we prefer to leave law firms to work on what they do best: dealing with time-intensive and costly legal disputes or legal disputes related to a data breach, or a class-action lawsuit related to a data, information or security incident.  

“We draw from our experienced pool of data protection, information and cyber security experts to help clients understand and deal with emerging cyber threats and address the challenges the legal and regulatory landscape can bring for businesses. With a team formed of qualified lawyers, barristers, and IT and information security experts, GRCI Law can provide independent support to clients within areas that many traditional law firms do not have the resources to address.”  

GRCI Law provides independent support and services to help clients manage their own GDPR compliance programmes, review contracts to ensure these are aligned with current legislation, and fulfil the demand for DPO (data protection officer) knowledge and practical experience through its DPO as a Service solution. GRCI Law can also help organisations respond to incidents and data breaches in line with the GDPR’s 72-house personal data breach reporting requirement with its GDPR Data Breach Support Service 

The GDPR Data Breach Support Service is designed to help organisations experiencing a data breach and in urgent need of assistance to deal with it and respond appropriately and effectively in line with the GDPR’s requirements.  

Delivered by a team of experienced data privacy lawyers and DPOs, the service provides support by identifying the nature and scope of the data breach and whether it needs to be reported, managing communications on behalf of the client with the relevant supervisory authority, drafting a breach notification to affected individuals, documenting the effects and remedial action taken, and identifying measures that can be put in place to avoid future incidents.  

To find out more about the services and solutions provided by GRCI Law, please visit the website, call +44 (0)333 900 5555 or email