The Challenge

For many organisations, the General Data Protection Regulation (GDPR) mandates the appointment of an independent Data Protection Officer (DPO).

Since GDPR requires this role to be held by an experienced individual with a broad range of expertise, many organisations do not have the necessary internal resources to employ and retain a full time dedicated DPO that meets this criteria.

The Service

Whether a company requires a more cost-effective alternative solution to hiring a full time internal DPO or wants the expertise of an experienced consultant, our tailored ‘DPO as a Service’ can bridge this gap while helping manage the client’s compliance obligations under GDPR.

BH Consulting’s DPO as a Service provides a qualified and experienced data protection professional to act as the Data Protection Officer (DPO) within your organisation. The DPO works with senior management within to ensure the organisation meets its legal, regulatory, and ethical responsibilities under GDPR.

The service is provided in two parts:
  1. Advisory – To provide ongoing data protection advice in planned meetings and on an ad hoc basis
  2. Delivery of Compliance Project Tasks – Carrying out project-based tasks, to help clients meet their regulatory obligations

BH Consulting provide highly experienced data protection consultants to act as the DPO, backed up by our team of data protection specialists. Our DPO as a Service is flexible in delivery and tailored to align our service to clients’ requirements.

After an initial evaluation of gaps in current practices and procedures we prepare and implement a comprehensive data protection framework and project plan tailored to our client’s requirements.

As part of this service, we can provide a range of data protection services such as:

  • Gap analysis
  • Data mapping (ROPA)
  • Policies review and development
  • Data protection impact assessment (DPIA)
  • GDPR awareness training
  • Breach management
  • Subject access request (SAR) management
  • Transfer impact assessments
  • Privacy by design
  • Data protection audit
  • Risk assessment

We can also help you comply with Privacy regulations in jurisdictions outside the EU, such as with the California Consumer Privacy Act (CCPA) which came into effect in 2020.

This service can be carried out remotely.


The Benefits

  • Reduce the costs associated with hiring an internal full time DPO
  • Ensure continuity of service
  • Focus on your core business while outsourcing your data protection requirements
  • Avail of experienced senior consultants with wide-range expertise in data protection activities in various fields and industries
  • Develop a data protection framework for your organisation and unbiasedly monitor your compliance
  • Mitigate the risk of a conflict of interest of the DPO, required under GDPR
Read Our DPO as a Service Case Study ›

Let’s Talk

Please leave your contact details and a member of our team will be in touch shortly.

"*" indicates required fields