Say ‘data protection’ or ‘privacy’ to most businesspeople, and their eyes roll. They know it’s important, they know they need to be on it, but it is so complex.
But say those same words to Andy Chesterman, Managing Director of Bedford-based PrivacyHelper, and his eyes light up – for he’s got a way of simplifying things that businesses will want to know about.
We managed to get some time in Andy’s busy schedule recently to learn more – and quiz him on his experience of being a Chamber member.
A career built on data
Andy’s expertise in how businesses store and move data comes from the fact that, for many years, he moved plenty of it for a living, as a marketing list broker.
As data privacy legislation in the pre-Brexit EU strengthened with the introduction of GDPR, Andy put his knowledge to good use, setting up a business that could identify clients’ data protection and privacy gaps, and advise them on how to fix them, or fix them for them.
Seven years on, with the UK out of the EU but our own data protection regime entering murky waters (more on this below!), PrivacyHelper has grown “astronomically”, and has moved from an associate model to 10 full-time, certified experts with a combined experience of 55 years in data protection handling major national and global contracts.
How does PrivacyHelper work?
PrivacyHelper starts with an audit of how data is obtained, stored, and how it “flows” in and between each of the client’s departments.
This highlights the risks and compliance gaps in a short report, with an optional action plan that can be carried out by PrivacyHelper, by the customer itself (and checked by PrivacyHelper – a process Andy describes as “marking their homework”), or by a third party.
From this position, smaller clients can choose an ongoing monthly SME service “in the same way they use a service provider to look after their IT,” whilst larger organisations can agree longer-term contracts.
In addition, PrivacyHelper engages with businesses of all sizes for ad hoc projects, urgent remediation of data breaches, outsourced Data Protection Officer (DPO) provision, and training and education.
On this last point, Andy also mentions the firm’s recently launched online training and e-learning platform, which uses video and interactive responses to upskill anything from 1 – 1000-plus employees in data protection and privacy laws, issues, and procedures.
“Prevention,” Andy reminds us, “is always better than cure.”
What are the latest data privacy watchouts?
Andy is quick to point out that lack of data protection and privacy compliance is now rapidly becoming a commercial, as well as reputational and legal, risk for many companies, as suppliers and partners decline to work with them because of these shortfalls.
He also urges companies to be clear on the forthcoming UK Data Protection Bill, and its limitations. “It’s meant to make compliance easier,” he says, “but the reality is that it only works for companies that have no EU connections whatsoever.”
“The minute you have any EU component in your supply chain, customers, or employees, you must, in addition, be fully GDPR-compliant. It makes more sense to simply comply with EU GDPR in the first place, as it is a globally accepted standard.”
Working with Beds Chamber
Andy describes the Chamber’s service as “brilliant”, and says the team has been “very supportive, given us guidance, and helped us promote our offering - but they’ve never put us under any pressure.”
“They understand we can’t attend every meeting or every event,” he continues, “but when we do, they greet us like long-lost friends.”
To enquire about becoming a Chamber member, visit www.chamber-business.com or speak to our friendly team on 01582 522448.
