Free resources

The GDPR has significantly transformed the global data protection landscape. The Regulation gives EU residents more power over their privacy and personal data, and places stricter controls on the organisations that handle this data.

GRCI Law are data protection, data privacy and cyber security specialists. Our team is led by experienced DPOs, lawyers, barristers, and information and cyber security experts. Our free resources aim to offer advice you can trust to help you make an informed decision about your needs when it comes to data privacy and cyber security protection and compliance.


Panel discussion | Last year’s privacy and cyber security lessons and how to prepare for an unpredictable 2022

Panellists:

  • Alan Calder, Founder and CEO of IT Governance
  • John Potts, Operations Director, GRCI Law
  • Cliff Martin, Incident Responder, GRCI Law

The challenges of the COVID-19 pandemic, the large-scale shift to remote working and emerging cyber security threats created some of the most demanding operating conditions for organisations ever seen.

With 2021 behind us, it is important to reflect on how cyber security and privacy incidents affected organisations worldwide and the lessons they can learn to operate safely in an unpredictable 2022.

Read more





Flash briefing | 20 minutes on how to handle a data breach

Delivered by:

  • John Potts, Operations Director, GRCI Law
  • Cliff Martin, Cyber Incident Responder, IT Governance
  • Martin Fletcher, Consultant, DQM GRC

According to Mimecast’s State of Email Security 2020 since the pandemic began, phishing attacks have increased in 63% of organisations.. In addition, Verizon’s 2021 Data Breach Investigations Report found that 36% of data breaches involved phishing, and 85% of breaches involved a human element.

Read more


Free infographic | Beginner’s guide to data breaches and the GDPR


Download our free infographic to get a basic understanding of how to handle data breaches under the GDPR (General Data Protection Regulation).

The GDPR sets a strict 72-hour window for an organisation to report certain data breaches. Our infographic outlines the steps to take when handling a data breach.

Free PDF download | The Data Breach Survival Guide


Download this informative guide to:

  • Understand the importance of being prepared for breaches;
  • Appreciate why preventive, detective and responsive measures are all important;
  • Get a step-by-step walkthrough of a typical breach response process; and
  • Understand your regulatory obligations with respect to breach reporting.

Data Subject Access Requests (DSAR) brochure


Under the GDPR, data subjects have the right to request access to the personal data processed or collected about them by an organisation. This request is known as a data subject access request or DSAR.

Collating relevant information to respond to DSARs can be challenging and time consuming, particularly as the requestor’s identity must be verified, data should be screened and third-party consent may need to be obtained.

To find out how GRCI Law’s DSAR as a Service can help your organisation manage the DSAR process on your behalf to ensure compliance with the GDPR, download our brochure.

Panel discussion and Q&A | Privacy and compliance challenges organisations face in 2020


With Brexit looming large and COVID-19 creating new challenges and opportunities for privacy professionals, our GRCI Law’s data protection experts answer burning privacy questions in this panel discussion and Q&A session as they discuss the key privacy challenges organisations face in 2020.

The panel consists of specialists in data privacy and GDPR compliance who have vast experience managing data subject access requests, data breach reporting, the DPO’s role and responsibilities, EU data transfers, contractual rights and general GDPR/DPA compliance.

  • Host and moderator: Christina Maclean, Head of Business Development
  • Panellist: John Potts, Head of DPO, DSAR and Breach Support
  • Panellist: Rachel McKinney, Head of Data Privacy Management

Read more

Webinar | Managing data subject access requests (DSAR) in a timely and cost-effective manner


The enforcement of the General Data Protection Regulation (GDPR) in May 2018 eliminated the cost barrier (in most cases) for an individual to submit a data subject access request (DSAR), increasing the burden on organisations to provide their customers with their records in a shorter amount of time at no cost.

Therefore, handling DSARs in line with the GDPR’s requirements and ensuring that there is suitable evidence of processing a request can be a challenge for most organisations.

DSARs are becoming increasingly common, and failure to respond can lead to the data subject making a complaint to the Information Commissioner’s Office (ICO), which could result in serious fines and sanctions.

Read more

Free PDF download | The Data Protection Officer (DPO) Role – A beginner’s guide

Under the GDPR, many organisations are required to appoint a DPO. Are you one of them? Find out what the DPO does, if you need to appoint one and how to fill the role in this easy-to-read guide.

This guide explains:

  • What a DPO does;
  • When organisations are required to appoint a DPO;
  • Where they should appoint their DPO;
  • How the DPO fits into the organisation;
  • The experience and qualifications a DPO needs; and
  • The benefits of outsourcing the DPO role.

Webinar | Challenges for data protection officers (DPOs)


Learn about the key challenges of Data Protection Officers (DPOs) .

According to the IAPP (International Association of Privacy Professionals, as many as 75,000 new DPOs are now needed globally. However, being a relatively new role, there is a vast shortage of talented candidates and a lack of understanding as to what the role of DPO entails.

Finding the time to adequately execute the tasks and responsibilities could prove challenging. While a DPO must have access to all personal data processes and activities within the organisation, the complexity of the job role can often prove challenging.

Read more

Free PDF download | GRCI Law Corporate Brochure

GRCI Law is a legal, risk and compliance consultancy firm, advising clients in the fields of data protection, data privacy, cyber and information security law. We are at the forefront of developments in this constantly evolving, challenging and complex field.

To find out more about us and the services we offer, download our brochure.

Loading...