0121 222 5630

Email Aristi Ltd Follow Aristi Ltd on Facebook Follow Aristi Ltd on Twitter Follow Aristi Ltd on LinkedIn

Our Success Stories.

You are here:

Severn Hospice.

"“I suppose the absolute test will be when the Care Quality Commission (CQC) calls for an audit which they can do at any point. With little or no warning, they can come in and test every element of our business. Understandably, a key focus right now is information handling. Aristi has filled us with confidence that we will fly through the CQC’s security checks. That peace of mind is precious. But putting their professionalism and credibility aside - Aristi also make you painfully aware of how badly things can go wrong and the consequences, if and when, they do. Cost is just one factor. Being a charity, reputation is so important. Aristi has helped minimise our reputational risk. We’re now working with Aristi to continually perfect our systems to keep us one step ahead of cyber attackers.” " Kerry Davies Director of Finance and Information

Kerry Davies, Director of Finance and Information at Severn Hospice, was concerned about how the hospice could best handle its data in a way that it complied with both GDPR and the NHS tool-kit surrounding information governance.

Severn Hospice owns two hospices – in Telford and Newport – and 26 shops across the Midlands.

The Challenge

With the introduction of GDPR came a duty for public authorities or organisations which carry out certain types of processing activities to appoint a data protection officer (DPO).

The DPO must have a certain level of independence from the organisation’s purpose for data collection – the role can be inhouse or outsourced. They must also be an expert in data protection, adequately resourced and report to the highest management level.

“We know several charities have already been fined for breaching GDPR. No matter how noble your cause, no organisation is exempt from GDPR’s jurisdiction,” says Kerry. “We hold large quantities of personal data including that of patients, staff and donors which all need to be protected with a high level of security.

“This troubled us as we hold such a large amount of very different types of data.  We lived in fear of the risk of hacking and, even worse, ransomware demanding payment in Bitcoins.

“Some of the complexities surrounding information governance and how best to appoint an external data protection officer were problems we knew we needed outside support to solve.

“A former colleague of mine had met Harj and the Aristi team at an event and mentioned them to me.

“As we needed someone we could trust implicitly, we undertook an in-depth search:  their website, Google, credit checks etc.  Aristi came across so well in terms of both their offering and their professionalism.”

The Solution
  • A GDPR review to identify any gaps in compliance and develop an improvement plan
  • A Virtual DPO service providing access to GDPR expertise
  • Monthly compliance audits to provide assurance to senior management and identify next priorities
  • A penetration test to identify any security vulnerabilities in Severn Hospice’s IT systems and provide remediation guidance.
  • Cyber Essentials Plus certification to provide assurance to internal and external stakeholders of Severn Hospice’s commitment to good cyber security.
The Outcome

“As soon as we met Aristi, we immediately gelled with them. Their depth of experience was abundantly clear. Everything worked like clockwork.  Their advice was always timely, really valuable, genuine and independent. I felt you could really trust their advice because their professionalism and reputation hangs on how well they protect us.

“Some of the changes we needed were quite worrying,” says Kerry, “But Aristi assured us that many organisations were in the same position but at least we were getting our house in order.  He made it so simple for us – advising us through the whole process, providing continuous support often at short notice.


Please contact Aristi to discuss your requirements. Filling in the form below is the quickest way to get in touch with the relevant person at Aristi.


Keep up-to-date with insights and info on all areas of Information Assurance, Information Security, Penetration Testing & Data Sharing from the award-winning consultants Aristi.

Latest Tweets

If you haven't registered for our cloud security event on 4th July, there are still a few places left. https://t.co/fBrohkOTJL
'Aristi Raiders' ready for battle on the high seas (well, the canals of Birmingham)...https://t.co/tVaWn0zIYZ
Interesting and thought provoking discussion on GDPR at the 'one year on' event today. Organisational culture and h… https://t.co/xQJha9MBML

Subscribe to our Newsletter

Latest Blog Posts

  • Cyber Resilience for Charities

    A Round Table Event for Charities Charities are increasingly reliant on IT and technology and are falling victim to a range of malicious cyber activity. The recent government Charity Sector Threat Assessment indicates that losing access to this technology, having funds stolen or suffering a data breach through a cyber-attack can be devastating, both financially and […]

    Written on Thursday, 07 March 2019
  • 10 years of Aristi by its founder, Harj Singh

    What’s in a name? The word Aristi has three meanings – security, excellence and calm. Find out where we started and where we believe cyber security to be headed.

    Written on Thursday, 24 January 2019
  • 500 million customers can’t sleep easy with Marriott data breach

    The world’s largest hotel chain, Marriott Hotels, announced on Friday (November 30, 2018) that half a billion of its customers’ data had been breached dating as far back as 2014. Marriott owns more than 5,800 properties around the world with 1.1 million rooms spread across more than 110 countries[.  That makes this incident is a […]

    Written on Wednesday, 12 December 2018