Data Protection Officer

After undertaking a data protection audit for a federation of GP practices and walk in centres, we were appointed as their external data protection officer. Each practice continues to have a data lead. We deal with data protection queries and problems which the data lead may encounter and either requires assistance or a second opinion. Issues have included where there appears to be conflicting guidance on confidentiality and GDPR or Caldecott Principles and GDPR.

We have also drafted data sharing agreements and processor agreements and assisted with a practice merger.


We carried out a full data protection audit for a firm of accountants. We drafted new data protection policies and procedures bespoke to their business.

We provided GDPR training for the partners and staff members. A data protection officer was not required for this business, but we were on hand for 6 months following the work, liaising with their data lead to answer any queries and to ensure smooth implementation of GDPR requirements.