We will discuss with you the background, concerns, priorities and get to know you before we starting working on the matter at hand.

Clearly defined outcomes

We will work with you to agree outcomes that are positive, sustainable, specific and offer choice.

Mutually agreed approach

We won't start work on anything without your understanding and agreement. This is your business, your journey and your concerns - so it's all about you!

How we can help you:

Working with you we can provide subject matter advice in the following ways: 

Data Protection related:

  • Data Protection Impact Assessments
  • Subject Access Requests
  • Complaints 
  • Security incidents & breaches
  • Procurement and tender exercises
  • General data protection project support
  • Compliance framework implementations

Information & Records Management Related:

  • Digital transformation projects
  • Digitisation projects
  • Microsoft 365 deployment advice
  • Procurement and tender exercises
  • Offsite storage management
  • Creation and implementation of frameworks to manage records

Benchmarking you against various ‘data’ related compliance requirements we can provide the following: 

  • Data Protection audit & report
  • Information Governance audit & report
  • Information & Records Management audit & report
All three areas of assurance are benchmarked using our compliance framework which we will share with you as part of our assessment. 

In the areas of:

  • Data Protection/GDPR
  • PECR/Marketing Consent
  • Freedom of Information &/Or Environmental Information Regulations
  • Information Risk
  • Information Security
  • Information & Records Management
  • Data Quality & Management

When looking at your compliance we’ll cover the various requirements in these main areas. Tried and tested, we can edit this framework to meet your needs and scope the areas applicable and give you a current state assessment, risks and action plan to move forward! 

Third Parties

How are third parties managed? Are standard contractual terms in place? How are information requests handled and information exchanged between organisations fairly, lawfully and securely?


Policies, procedures, roles and key governance processes to oversee and support the framework. From Privacy by Design through to how your compliance regime is managed.

Risk & Assurance

From identification, assessment, mitigation and acceptance we look at the lifecycle of information related risk.

Records Management

How are records managed from creation, to use and destruction/archive? Is records and information management embedded into the organisation?

International Data Transfers

Is your data local or is it elsewhere? UK or further afield we can determine the current status and what actions are needed to navigate international transfers.

Requests & Complaints

Procedures and templates for managing information requests. This also includes issues hampering request handling and best practice.

Security & Incidents

What controls are in place around Cyber Security and wider information security? Do these 'talk' to each other? Is Cyber Security / Technical Security part of the Information Governance framework?

Culture & Training

Do staff fear information or data? Do they know who to speak to? Can they answer basic questions or is information care still way down the priority list?

Get in touch


We’ll only use this data to liaise with you about your query. Once we’re working together, it will form part of your arragement with us. Read more here

Phone: + 44 7970 317446
Email: info@lighthouseig.com
Lime House, 75 Church Road,
Tiptree, Essex CO5 0HB
MON-FRI 09:00 - 19:00, SAT-SUN CLOSED