Our Services

We offer a range of comprehensive and bespoke services to meet your business needs. Contact us now for a friendly, no obligation discussion or to request more information about our consultancy services. We support clients across the UK and globally

Want to discuss your options?

Contact us now for a friendly, no obligation discussion or to request more information about our consultancy services. We support clients across the UK and globally.

Data Protection Officer Package as a Service

This is an Outsourced DPO service. The service seeks to provide your business with a good level of compliance. Our data protection experts support you to ensure that you have a helping hand on standby for those unexpected matters or issues.
We offer a silver or a gold package, tailored to your business needs.

Information Security Management

Managing information security incidents is an essential part of protecting your information assets, building customer trust and maintaining business continuity. We understand that information security can be daunting but we can help you implement preventive measures, we can also provide urgent data breach support and guidance when you are responding to an incident. We can cater to all of your information security needs through a wide range of services including:

Records Management advice

Making good use of the all your information can have numerous benefits to your business. Good records management is as an essential part of data protection compliance. It is important that your business manages data lifecycles effectively from start to finish, including:

Policy & Procedure drafting

Policies and procedures are integral part of demonstrating Information Governance compliance. A good policy and procedural framework will help your staff understand what is required of them and help your business to manage and mitigate information risk.

We can support you in:

We can assist with any policy and procedure requirement, including but not limited to:

Privacy notice drafting

Under Data Protection legislation, all businesses who handle personal data are obliged to ensure that both customers and employees are accurately informed of how their information is used. Presenting all this information in a clear and structured way can be difficult – we have got you covered.

CCTV & Surveillance advice

If your business has CCTV or any form of surveillance monitoring in place there are several legal obligations that you must adhere to. Our services are aimed at ensuring you adhere to your obligations arising from the Surveillance Camera Code of Practice and the Regulatory Investigatory Powers Act 2000. Our consultants can produce Data Protection impact assessments to help identify, manage and treat surveillance risks.

Information sharing & processing contracts

Under Data Protection legislation, businesses are obliged to have contracts governing the sharing or third party use of information. The type of contract required will vary depending on the nature of the relationship between the parties and the scope of the geographical area that information being shared across.

Our services extend to:

Staff Training

Staff can be your best asset or your greatest risk. It is important to keep staff trained on Data Protection and wider Information Governance issues. Best practice is to train staff annually. If your business is involved in a serious information security incident, one of the first questions the regulatory body will ask you will be… what percentage of staff have been trained in Data Protection in the last 2 years?


We also offer complimentary follow up support as part of our training packages to answer any further queries you might have.

For more information visit our training services page

Data Protection Rights support & management

Our services can help you manage all Data Protection rights requests. Your customers and employees have numerous Data Protection rights:

We provide dedicated support and expertise on all areas of data subjects rights. Managing these requests can be complicated and time consuming. We can support from the outset with identity checks, search obligations, right through to closing the request. Data Controllers are obliged to deal with requests in one calendar month, so time is of the essence. We can support you immediately.  

Subject Access Request Support

Processing subject access requests can be complex and time-consuming. We can provide dedicated support:

Small-Medium Enterprise (SME) Package

This package seeks to provide SMEs with a good level of compliance and ongoing support. We offer around the clock support to ensure that you have a helping hand on standby for those unexpected matters or issues. We will conduct a gap analysis to assess your compliance and address all the areas where you may need support including:

The Package will be tailor made to your business and is designed to improve trust & confidence in how you handle customer and stakeholder information. We manage compliance to help treat the risk of legal claims or enforcement action against your business.


Data Protection Gap analysis

The GDPR gap analysis service assesses the extent of your organisation’s compliance with Data Protection legislation, and helps your business identify and prioritise the areas that you should urgently address. This is a great tool for both newer businesses and those more established businesses who feel that the compliance measures could do with a refresh.

NHS Data Protection & Security Toolkit support

If you are an organisation that has access to NHS patient data and systems, you have an obligation to complete and comply with the Data Security and Protection (DSP) Toolkit. The Toolkit enables organisations to measure their performance against the data security and Information Governance requirements mandated by the Department of Health and Social Care (DHSC).

Information audit/record of processing activity

Under Data Protection legislation, all businesses are obliged to document what information is used, collected and stored, and for what purpose. Collating all this information in a clear and structured way can be time consuming and complex. Our consultants are here to help.

Freedom of Information & Environmental Information support

The Freedom of Information (FOI) Act 2000 & Environmental Information (EIR) Act 2004 provides public access to information held by public authorities. It does this in 2 ways: public authorities are obliged to publish certain information about their activities; and members of the public are entitled to request information from public authorities. Our services are designed to assist both:

Start Up/New Business Package

Here at Midland Data Protection we offer a complete Data Protection Start Up Package for new businesses. We will make an assessment on your needs and create a bespoke package for your business, some of the items we may help you with are as follows:

The package is designed to help you get up and running, it does not tie you into long term support. Although we do offer long term services if you feel you would like a helping hand on stand-by.  


Data Protection for Health and Social Care Organisations

We are specialists in the area of health and social care and understand the varying legal obligations that impact on the way you handle patient, service user data and client data.

We understand the various standards that you must have regard to, and our consultants have a vast amount of experience working with the Care Quality Commission, Public Health England, the Department for Health & Social Care and the NHS.

We have in-depth experience of working with:

We understand that keeping up to speed with all the Data Protection requirements can be complex and time consuming, we offer around the clock support to help you along the way.