Case StudyAssurance Services
Targeted Data Protection Health Check


The General Data Protection Regulation (GDPR) became legally effective from 25 May 2018 in all EU member states with equivalent legislation in Guernsey. The Data Protection (Bailiwick of Guernsey) Law 2017 allowed some deferrals for implementation until May 2019.

Through a GDPR Health Check, led by CBO in conjunction with the States of Guernsey Data Protection team, the purpose of the project was to review Guernsey Water’s existing data protection controls and develop procedures to embed States’ policies and enable full compliance with the new legislation. The aim was to reduce all identified data protection risks from medium to low by the end of the transition period. CBO was also asked to ensure that an appropriate action plan was in place to enable ongoing compliance beyond project close.

CBO’s Approach

CBO’s objectives were to ensure that:

  • there was a reviewed and scored Risk Register;
  • a detailed Implementation Plan was established, aiming towards May 2019;
  • a high-level data audit was completed, identifying areas of non-compliance;
  • ongoing project governance set-up and documentation was in place; and
  • the project could be effectively handed over to internal staff for delivery.

CBO worked collaboratively with Guernsey Water and the States Data Protection team to achieve these objectives, and put the appropriate measures in place to ensure ongoing compliance beyond May 2019.

CBO’s Impact

Guernsey Water has a clear understanding of the personal data it holds and has identified and sufficiently mitigated risks to GDPR non-compliance. This protects the company from the financial and reputational risks of non-compliance.

 “CBO had expertise and experience from similar projects elsewhere, which complemented the expertise of our Data Protection Officer. We were fortunate in that much of the policy work had already been completed, but embedding the new policies within Guernsey Water required significant input from ourselves and this needed co-ordination and focus. The project management and governance put in place by CBO achieved this and enabled successful delivery within the required time. Along with their collaborative approach, this was the real strength that they brought to the project.”

Steve Langlois, General Manager
Fancy a chat? Get in touch with CBO today to discuss how we can help