Terrence Higgins Trust is the UK’s leading HIV and sexual health charity. They support people living with HIV and help those using the services to achieve good sexual health. They are an organisation that pride themselves on placing the service user and their privacy first.
Terrence Higgins Trust (THT) identified a need to transition to more flexible working practices with the goal of reducing office space costs, reducing travel costs, and allowing staff to work effectively from any location. THT decided to move their head office to a smaller premises with embedded Agile working.
With server hardware and operating systems at the end of their planned 5-year lifespan, a full infrastructure review was conducted. Smartdesc agreed with THT that the priorities were to:
- Reduce maintenance, power and office space costs of having servers in THT offices.
- Reduce the number of organisation-wide outages caused by head office power / internet failure taking servers offline.
- Upgrade operating systems and Microsoft Office to newer, more secure, versions.
- Embed Agile in the solution design.
- Engage with staff as part of the design process.
The Smartdesc Virtual IT Director worked closely with THT to strategically look at a variety of options, costs, and benefits including RDS, Citrix, Microsoft 365 and co-location/cloud.
After a formal tender process, Information Governance specialists from Smartdesc began to work with THT and focus on areas of improvement to ensure GDPR compliance. They were responsible for implementing key changes ready for when GDPR was enforced. This included some of the following:
- Completing the Data Protection and Security Toolkit
- Data Protection Impact Assessment completion for high risk
- Raising awareness through training
- Advice and guidance on all Information Governance Policies and Procedures.
Smartdesc have provided support to THT through the successful completion of the Data Security and Protection Toolkit (formally the Information Governance toolkit). The Data Security and Protection Toolkit is an NHS online tool that organisations must complete to evidence their compliance with data protection law.
Smartdesc continue to help with operational Information Governance requirements such as leading on Data Protection Impact Assessments, completing Subject Access Requests and other queries around individual’s rights, implementing and updating privacy notices, policies, processes and procedures to ensure they meet the requirements set out within data protection law.
- Confidence when processing personal information.
- Improved policies and procedures.
- Embedded ‘privacy by design’ approach.
- Staff are GDPR trained and aware of their responsibilities.