Company Announcements

GRCI Law releases new Privacy as a Service product

Source: RNS
RNS Number : 0098E
GRC International Group PLC
03 November 2020

GRC International Group plc


GRCI Law Limited releases new Privacy as a Service solution to help organisations effectively manage their data privacy compliance


GRC International Group plc (the "Group") is pleased to announce that GRCI Law Limited ("GRCI Law"), its legal, risk and compliance consultancy subsidiary, has released a new, flexible Privacy as a Service (PaaS) solution that is designed to help organisations efficiently manage their compliance requirements under privacy regulations such as the General Data Protection Regulation (GDPR).

As regulators step up enforcement across Europe and adopt a more vigorous approach, it is vital that organisations effectively manage their requirements and put robust plans in place for when the UK finishes its transition period from the EU on 1 January 2021.

PaaS is a transparent, streamlined solution that is designed to help with three tiers:

·    The GDPR Advice Service gives organisations access to unlimited advice and guidance from experienced data privacy consultants, allowing organisations to get prompt answers to critical GDPR questions and receive expert advice on a broad range of data privacy issues, including data subject access requests (DSARs), Article 30 records of processing and data breach reporting. The service also includes a monthly newsletter on noteworthy GDPR updates and privacy news to ensure clients stay abreast of the latest trends, rulings and best practice.

·    The Data Privacy Manager Service takes GRCI Law's support one step further, providing a dedicated data privacy manager and unlimited advice and guidance on compliance with the GDPR and Data Protection Act (DPA) 2018. It includes a gap analysis; an action plan; policy reviews; guidance on handling data protection impact assessments (DPIAs), DSARs and data breaches; monthly activity and quarterly management reports; and an annual compliance audit.

·    Incorporating all the support provided by the GDPR Advice Service and Data Privacy Manager Service, the DPO as a Service provides a dedicated DPO who is registered with the relevant supervisory authority and is truly independent, so there are no conflicts of interest with other business activities. The DPO provides hands-on support to manage an organisation's compliance and fulfil their obligations under the GDPR.

Christina Maclean, Head of Business Development at GRCI Law, said:

"We're pleased that GRCI Law can provide an all-encompassing privacy advice and support solution to organisations of all sizes. Our highly experienced team specialises in advising on data privacy, cyber and information security, which means clients have access to experts with a proven track record - and who can provide pragmatic, commercial advice on a wide range of privacy management and compliance matters when they need it and in a way that suits them."

To find out more about the PaaS by GRCI Law, visit


About GRCI Law

GRCI Law Ltd is a subsidiary of GRC International Group plc.

GRCI Law is a legal, risk and compliance consultancy firm, advising clients in the fields of data protection, data privacy, cyber and information security law.

Led by a team of experienced data protection officers, lawyers, barristers, and information and cyber security experts, GRCI Law provides DPO, breach, data privacy management, and data subject access request support, and associated non-reserved legal services.

About GRC International Group

GRC International Group plc is the holding company for a group of companies providing a range of products and services to address the IT governance, risk management and compliance requirements of organisations to enable them to meet the commercial requirements and regulatory standards that are now in force, or are coming into force, in these areas. The Group is incorporated in the United Kingdom and operates a one-stop-shop that helps customers source, deploy and/or integrate an appropriate mix of solutions that focus on cyber security and cyber resilience, data protection, PCI DSS, penetration testing, management standards such as ISO/IEC 27001 and ISO 22301, and Cyber Essentials.

Press Contact

Cameron Troake, Group Head of Communications

GRC International Group

Phone: 07983 623150 



This information is provided by Reach, the non-regulatory press release distribution service of RNS, part of the London Stock Exchange. Terms and conditions relating to the use and distribution of this information may apply. For further information, please contact or visit

RNS may use your IP address to confirm compliance with the terms and conditions, to analyse how you engage with the information contained in this communication, and to share such analysis on an anonymised basis with others as part of our commercial services. For further information about how RNS and the London Stock Exchange use the personal data you provide us, please see our Privacy Policy.