AWO supports organizations from diverse sectors – including international and humanitarian organizations, purpose-driven businesses, NGOs, startups and government agencies – navigate complex data protection environments. Our expertise encompasses various types of data processing contexts, including biometric identification systems, assistance programs, data collection platforms, social media monitoring tools, fundraising activities, and the processing of special categories of personal data.

We offer Data Protection Impact Assessment (DPIA) and Privacy Impact Assessment (PIA) services designed to support your organization’s compliance efforts. Our bespoke methodology is tailored to help you:

1. Define a scope of work: Develop a clear understanding of what needs to be assessed and provide actionable guidance for meeting compliance requirements.
2. Gather relevant documentation: Uncover all necessary information on the data processing subject to the DPIA or PIA, including internal knowledge and existing policies.
3. Map data flows and processes: Identify key stakeholders, data flows, processes, and other elements crucial to understanding your organization’s data processing context.
4. Technology review: Articulate how a specific technology functions and its role in your overall operations.
5. Establish benchmarks for compliance: Determine the most relevant standards to assess the compliance of your processing activity.
6. Identify gaps and risks: Pinpoint areas where your organization may be non-compliant, along with potential risks associated with those gaps.
7. Develop remediation actions: Create workable steps to mitigate identified risks and bring your data processing activities into compliance.

We recognize that different organizations may need different frameworks to assess the risks related to their data processing. Our experts will evaluate your organization’s operations against:

• Relevant international data protection and privacy frameworks
• Internal policies
• International best practices
• Customised data protection frameworks

Our compliance specialists have extensive experience dealing with complex, cross-jurisdictional processing environments and novel technology applications. They have gained expertise in data protection roles within principal international and humanitarian organizations, insurance corporations, and top law firms. We’ve helped clients:

• Mitigate risks related to the processing of sensitive biometric data
• Carry out monitoring of misinformation campaigns
• Identify and address risks related to processing health information