FBC Manby Bowdler work with Oyster IMS’ Data Protection practice, providing external support and oversight to the in-house team to help maintain compliance with Data Protection regulations.
Overview
With roots stretching back nearly 200 years, FBC Manby Bowdler (FBCMB) are a team of exceptional local legal experts who are passionate about uncomplicating the legal process for people throughout the West Midlands and Shropshire.
Challenge
Oyster IMS was initially engaged by FBCMB in 2018 to deliver a GDPR Risk & Readiness Assessment – a short, sharp engagement to assess their current situation against the detail of the Regulation and produce an action plan for change. With a relatively small inhouse team, FBCMB needed the support and guidance of a group of experts who were able to help close any initial gaps and ensure that a high level of compliance was maintained, reducing the risk to the firm and potential harm to the individuals of whose information they are custodians.
Solution
FBCMB commissioned Oyster IMS to oversee the delivery of the GDPR and Privacy programme and to deliver the required actions identified in the GDPR Risk & Readiness Assessment. Solution Once this initial ‘project’ phase was completed, FBCMB had established a trusted partnership with Oyster IMS, who were increasingly being relied upon to offer advice on how to handle the day-to-day challenges arising as a result of the GDPR. Seeing this requirement in several clients, Oyster IMS had already developed their ‘DPO as a Managed Service’ (DPOaMS) offering and was also increasingly being asked to provide external support to organisations who already have a DPO in place.
This second type of engagement – DPO Advisory Service – is what was needed at FBCMB to provide an extra layer of support to the inhouse team, further ensuring that the trust that FBCMB’s clients place with them for their legal matters is extended to how their personal information is processed.
The DPO Managed Service and DPO Advisory Services consist of three core components:
- Access to fully-qualified privacy professionals to provide privacy support services based on the customised assessment already carried out
- A portal-based DPO helpdesk service with contracted service levels and KPIs to ensure guaranteed responses to all questions and requirements
- A hosted instance of the OneTrust Privacy Management Software to support and automate the requirements for auditing, assessment and reporting services including full training, technical support and system administration
The helpdesk is the first point of contact with Oyster IMS, referring queries to one of the qualified privacy professionals to offer advice, guidance and / or resolutions to the many challenges that arise in the complex and developing realm of information governance and privacy.
We first engaged the services of Oyster IMS Consultants in 2018 to support us in our journey to becoming GDPR compliant. Since that time the team at Oyster IMS has been a regular source of guidance and support and together with OneTrust – enabling us to keep our data protection records and registers in one place and easily updated. We have every confidence that we are in the best possible position to deal with any data protection event.
Lyn Coughlan, Head of Compliance, FBC Manby Bowdler
Results
The support and advice from Oyster IMS have been important elements of FBCMB’s Data Protection programme. As part of the service, Oyster IMS’ consultants have been able to provide:
- Advice and guidance to the organisation or DPO, senior managers and / or the privacy team on GDPR compliance
- Assistance and advice on communications with the ICO, ensuring that all communication is appropriate and timely
- Assistance and oversight with DSARs, especially those with a greater level of complexity
- Best practice advice and benchmarking from across the Oyster IMS client base and wider Data Protection community