UK AI Governance & Data Compliance

Is your practice ready for the AI compliance era?

Free tools, sector-specific guidance, and plain-English resources to help UK professional practices manage AI governance, GDPR obligations, and the risks of Shadow AI, without needing an in-house legal team.

Free 6-step assessment Explore tools

No account needed

Free to use

Sector-specific guidance

Sample AI Governance Report

AI Tools Policy High Risk

Staff AI Training Partial

DPIA Process Partial

Supplier Contracts High Risk

Board Oversight Good

Overall score

Amber, Needs Attention

78%

of UK professional firms have staff using unapproved AI tools (Shadow AI)

£17.5M

maximum fine under UK GDPR for serious data protection failures

1 in 3

AI tools used in UK workplaces process personal data without explicit DPIA review

6 steps

is all it takes to get your personalised AI governance gap report, free

What We Help With

AI is moving faster than most practices can manage

Staff are using ChatGPT, Copilot, and dozens of other AI tools, many without IT or leadership awareness. 123DPO gives you the frameworks and resources to govern AI use responsibly, before it becomes a problem.

AI Governance & Policy

Understand what AI governance actually requires, assess your current posture, and access templates to formalise your approach, without expensive consultancy.

Start free assessment →

UK GDPR & Data Protection

Practical, sector-specific guidance on UK GDPR obligations, including how AI tools interact with your data processing activities and where DPIAs are required.

View tools & templates →

Shadow AI Risk

Most AI risk in professional practices isn't from official tools, it's from the tools leadership doesn't know staff are using. Learn how to identify and manage Shadow AI.

Read the guide →

Free Tool

6 steps to your AI governance gap report

Tell us about your sector, the AI tools your practice uses, and what governance you have in place. We'll generate a personalised Red/Amber/Green report and email it to you, free.

Sector-specific
AEC, Clinical, Legal & Accountancy guidance built in
Actionable outputs
Specific next steps for each governance area
Emailed to you
Full report delivered to your inbox to share with your team

Start the free assessment

Assessment covers

Your sector & organisation profile

AI tools currently in use

Data types your practice handles

Current governance & policy posture

RAG report generated instantly

✓

Full report emailed to your inbox

By Sector

Guidance built for your profession

Generic compliance advice rarely fits the way professional practices actually operate. Our resources are written with the specific tools, workflows, and regulatory context of each sector in mind.

Architecture, Engineering & Construction

AI in BIM workflows, Revit co-pilots, generative design tools, the AEC sector is an early adopter with specific data residency and project confidentiality obligations.

AEC guidance →

Clinical & Healthcare

Clinical AI introduces the highest data sensitivity requirements. Patient data processed by AI tools carries obligations under UK GDPR, Data Security and Protection Toolkit, and emerging NHS AI guidance.

Clinical guidance →

Legal & Accountancy

Legal practices and accountancy firms handle privileged and confidential data. AI tools that process client information create specific professional indemnity and regulatory exposure.

Legal & accountancy guidance →

Insights

Practical reading on AI compliance

All insights

AI Governance · 8 min read

Shadow AI in Professional Practices: What Leaders Don't See

Staff are using AI tools your IT team hasn't approved. Here's how to find out what's in use, why it matters, and how to govern it without killing productivity.

Read article →

Procurement · 6 min read

15 Questions Every Practice Should Ask Their IT Partner About AI

Most IT support contracts were written before AI was mainstream. These questions will reveal whether your IT partner is keeping pace, or leaving you exposed.

Read article →

Specialist IT Support

Need more than self-service guidance?

If your practice needs a specialist IT partner, one that understands your sector, your compliance obligations, and your workflow, we work with two specialist teams.

For AEC Practices

Workshop IT (WIT)

ISO-certified managed IT exclusively for architecture, engineering, and construction firms. vDesks for GPU-intensive AEC workflows. Microsoft Partner.

Visit WIT →

For All Other Professional Services

Net Essence

Managed IT and digital services for legal, accountancy, clinical, and other professional services firms. ISO 27001 certified. London and UK-wide.

Visit Net Essence →

Get Started, It's Free

Know where you stand on AI governance today

The 6-step assessment takes less than 5 minutes. You'll receive a personalised report by email with specific actions for your practice.

Start the free assessment