Data Protection is about more than just the GDPR

When determining the potential impact that data protection could have on your organisation, it is important to remember that there is more to consider than just the GDPR.

iSTORM can help you to navigate and understand the additional regulations and supporting standards which are relevant to your business and can help you map out what your journey to compliance looks like.

We are firm believers in engaging on an operational level, working with marketing, data, finance and procurement, as well as traditional key stakeholders in compliance and legal.

An effective data protection compliance framework is a cultural and business issue, not just a compliance one.

For more information on how the GDPR can be tackled, check out our blog here


iSTORM services include:

  • GDPR/Data Protection gap analysis & maturity reviews
  • Auditing
  • GDPR framework implementation support
  • Outsourced Data Protection Officer services (DPO)
  • Data Protection Impact Assessments (Review & Completion)
  • Data Flow Mapping
  • Supplier Assurance Frameworks
  • Policy and procedure writing
  • Training & Awareness (online & face to face)

GDPR Audit & Assurance solutions

At iSTORM, our audit and assurance solutions are tailored to your business.

We can help you to understand what processing is being carried out, what personal data is involved and whether the processing is compliant with internal policies and the regulatory requirements of the GDPR, Data Protection Act and PECR (Privacy and Electronic Communications Regulations).

Marketing support (Electronic and Direct mail)

When dealing with electronic or digital marketing there is more to consider than just the GDPR.

If your business engages in electronic marketing activities then consideration also needs to be given to the  Privacy and Electronic Communications Regulation (PECR) as well as industry best practices.

iSTORM has a wealth of experience in dealing with the complexities of producing effective marketing campaigns and can help you create campaigns which meet your commercial desires, while ensuring you stay in line with the law.

GDPR Gap Analysis and maturity reviews

A Gap Analysis is a great way to identify key areas of risk in relation to GDPR and data protection compliance.

Our targeted gap analysis will focus on what’s important for your organisation with the output allowing us to determine what your compliance journey will look like, and how much further assistance you may require.

If you already have good data protection framework in place then our maturity reviews can give you reassurance that everything is still compliant.

Processes, systems and controls change over time, a maturity review allows your organisation to reflect on what is already in place and helps to identify key areas for remediation. 

Richard has a thorough understanding of and real passion for everything related to data privacy. His talent for enthusing others about the topic is unparalleled, and his ability to deliver on the projects he undertakes is impressive.

Emma Thomas

Group General Counsel, HomeServe plc


Privacy - Security - Penetration Testing : Your Trusted Advisory Service



Head Office


10 John Street

Stratford Upon Avon

CV37 6UB

Tel: +44 (0)1789 608708


Company Registration Number

Company VAT Number
297 9625 30