Data Protection People see massive increase in services dedicated to helping businesses navigate data protection legislation

One of the UK’s leading data protection consultancies, Data Protection People who are responsible for protecting data has seen substantial growth of over 45% from the previous year to hit revenues of £2m plus. Its recently formed cybersecurity consultancy services also experienced a significant growth rate of over 140%, demonstrating the critical need for businesses to protect their IT environments from the current threat landscape.  

Since being founded in 2015, the company has established itself as a leading provider of data protection and privacy consultancy services in the UK helping over 460 customers understand data protection and privacy laws including P&O Ferrymasters, Glasgow Rangers and many major retailers. Its team of 25 data protection law and cyber security experts offer a portfolio of over 70 products and services. 

The business went through the lengthy process of becoming a Qualified Security Assessor (QSA) for the Payment Card Industry Data Security Standard (PCI DSS), the rules every organisation taking payments by debit and credit cards must follow, making it one of only a handful of UK businesses to boast the title of being a certified QSA.

As a result of its continued success in both the data protection and cybersecurity space, Data Protection People is now looking to grow its team further. In April ’23 alone, the company created four new job roles including a Business Development Manager, Subject Access Request (SAR) Manager, Data Protection Consultant, and recruited another law graduate to join its support desk team.  A further seven jobs are expected to be created by the end of the year.

Philip Brining, Co-Founder & Managing Director of Data Protection People said, “We’ve got a fantastic team in Leeds and we’re really proud of the law graduate scheme we’ve developed.  Bringing young people who are new to the world of work into our support team and working with them to develop a wide range of skills to become data protection officers, auditors, trainers, and cyber security consultants is key to what we do.  It’s just fantastic to watch them develop.  We’ve just recruited another law grad and expect to add to the tally during the year as we progress them into different roles.” 

The past few years have seen significant change and uncertainty in data protection law. The introduction of the General Data Protection Regulation (GDPR), Britain’s exit from the EU, and Government discussion around watering down the UK’s data protection law through the Data Protection Bill that is currently working its way through Parliament have caused much confusion. 

Brining continues, “It’s been hard for businesses to keep track of changes in the law and way it is applied, plus the current uncertainty as to whether the Data Protection Bill will come into effect is not helping. If British rules diverge from the EU rules, a business operating in both the UK and EU will have even more complications heaped upon their business processes. It’s no wonder people can feel out to sea with and confused by data protection law but our mission at Data Protection People is to make data protection easy: easy to understand and easy to do. I’ve been chanting that mantra for almost two decades now.”

Change has not been confined to data protection laws. Two of the international standards that Data Protection People work with have also recently changed the PCI DSS and ISO 27001.  

“The opportunities in cyber are probably greater than the privacy market. Firstly, it’s more established, cybersecurity usually has an owner in an organisation, and a defined budget.  The threat landscape is rapidly evolving too with every single organisation being a potential target. Our cyber practice has been a success since launching but this year we’re putting a concerted effort into growing it further.  We’ve already recruited a dedicated sales team, signed up several referral partners and expanded our team of consultants operating in this area.  We have some great customers and expect that to grow during the year, comments David Hendry, Co-Founder & Commercial Director of Data Protection People. 

“Covid drove tons of businesses to adopt card payments as their preferred method: even my window cleaner only takes cards these days. The move to version 4.0 of the PCI DSS will affect every single merchant taking card payments and we spent last year getting ourselves into a position where we can help with any queries they have,” concludes Hendry.