Data Processor Audit Service
DPA Service – the efficient way to control your data processors
Contact us today to learn more about your options
In their capacity as data controllers, enterprises and authorities must ensure that all their data processors comply with applicable data protection legislation. But how is it possible to perform this potentially time-consuming and resource-intensive task in an easy and uncomplicated manner? Bech-Bruun's new digital solution is the answer to this question: DPA Service.
Our DPA Service is a digital outsourced solution that helps data controllers ensure that their data processors act in compliance with applicable rules.
Enterprises and authorities acting as data controllers are under an obligation to make sure that data processors comply with applicable rules and to be able to prove such compliance towards the Danish Data Protection Agency. Organisations failing to meet this obligation may incur heavy costs. In addition to the ever-looming fine of up to 4% of the organisation's annual revenue, failure to exercise control over data processors may result in serious leakage of data and damage to its reputation. In particular, this may prove to be a time-consuming and resource-intensive task.
An simple way to improve control procedures
DPA Service has been developed for the specific purpose of performing and documenting the control of data processors. We have combined our legal expertise with the latest technology to ensure that data controllers are able to control their data processors in a quick, secure and efficient manner.
DPA Service is a digital questionnaire developed specifically to facilitate ongoing control. DPA Service provides a hands-on insight into the organisation's data processors and their processing of personal data. This insight is communicated in operational reports on which the data controller may take action. The reports help data controllers avoid spending unnecessary resources on developing and operating own control procedures.
A simple process combined with operational reports
DPA Service is short for Data Processor Audit Service and is a digital solution for controlling data processors. The control is performed by circulating questionnaires electronically to data processors. The questions have been developed for this specific purpose by our legal experts and are updated on an ongoing basis subject to the guidelines of the Danish Data Protection Agency and applicable legislation.
After each completed questionnaire session, the DPA Service system generates an operational report that provides the data controller with an overview of the "compliance scores" of its data processors. The compliance scores are based on a legal assessment of various parameters and their importance in respect of compliance with applicable data protection law.
The results of your questionnaire session are compiled in manageable audit reports providing you with useful recommendations that will help you decide what to do. The reports are generated in a professional reporting format and may be downloaded at any time, and they will always be up-to-date.
DPA Service runs on a thoroughly tested system in which all data are encrypted and stored safely. The platform has been developed with focus on the user and it can be accessed on your computer, tablet or smartphone. The solution handles all data in a safe manner throughout the entire process, and our DPA Service is able to handle an unlimited number of data processors. The solution is designed to fit multiple needs, which means that we will be able to render you a customised version that meets your requirements.
If you are interested in learning more about our rates, please do not hesitate to contact one of or contact persons stated above.
Six simple steps
The data controller informs Bech-Bruun about which data processors should be reviewed in DPA Service.
02. Circulation of questionnaire
On behalf of the data controller, Bech-Bruun circulates digital questionnaires to the data processors.
03. Completion of questionnaire
The data processors complete the questionnaires – on their smartphones, tablets or computers.
04. Analyses and compliance scores
Having received the completed questionnaires, DPA Service automatically analyses the answers and gives the data processors a compliance score each on the basis of the answers.
05. Operational management report
The data controller subsequently receives an audit report for each data processor as well as an operational management report with information on the overall compliance level and some general recommendations.
The data controller's last step is - together with Bech-Bruun - to determine the appropriate level of a required follow-up based on the individual audit reports.