House-on-the-Hill Logo

Making the Case for Compliance

DiscoveryControl is request management software that's especially built to turn requests into fully audited cases that track Freedom of Information, Subject Access Requests, EIR, Discovery & more. Our solution reduces the tedious & costly tasks that burden every department, improves the requestor experience, ensures compliance, and spotlights accountability within your organisation

House-on-the-Hill’s FOI, Request and Case Compliance solution has showed no signs of slowing since its introduction. Many organisations now relish in its ability to retire manual processes and stay compliant. Excitingly, we can now take that one step further as House-on-the-Hill joins forces with Waterford Technologies, specialists within the integrated compliance space.

Our first venture with Waterford Technologies: DiscoveryControl, is a new refined Request & Case Management Solution.

The objective was simple, simplify! In response to demand and consultation with our clients DiscoveryControl is an improved easy-to-use Freedom of Information Requests (FOI) Data Subject Access Requests (DSAR), Environmental Information Regulations (EIR) Risks, and Data Breaches management system that is fully supported by our team of consultants.

"Timely, flexible, informed and effective response received. Thanking you kindly."

James Smuts, Parliamentary and Health Service Ombudsman

DiscoveryControl strives to be the most user-friendly FOI, DSAR, EIR, and Data Breaches management system in the world and is configurable to your exact data workflow requirements as the workload and requirements increases year on year in this area.

If you would like to learn more and have a go on your own branded trial please say hello to Luke @
or fill in our demo link questionaire :)

Why do I need DiscoveryControl?

The simple answer is do you deal in requests and want to save time and reduce costs? And, do you want to safeguard against prosecutions for data breaches or failing to show compliance with your industry-specific regulations. Still a little unsure… Perhaps these common reasons might shed some more light.

Have you had a SAR/ FOI request and how was the process managed?

How will you manage when the requests increase over the coming year?

Have you been fined?

Have you had a data breach?

How do you know when a deadline is missed?

How do you know if there is an internal delegation that's outstanding?

How do you know if someone has changed the data? (can you prove no data has been altered?)

What’s the procedure when the main administrator is on leave?

If the ICO came knocking on your door, would you be able to show your process and audit history?

How well do you comply with the statutory time limits for answering requests?

Do you monitor and seek to improve your own FOI performance? How do you do this currently?

Are you able to provide an audit trail of how a records request was conducted?

If you are audited can you provide evidence that this sensitive data is protected, and access restricted to authorized users?

Can you provide evidence that your Records Request Policy is enforced, and that cases are dealt with consistently and fairly, and that essential data is captured for reporting and analysis purposes?

Did you know that on average 30% of the requests that our clients receive can be resolved through the disclosure log?

How does it work?

Achieve Case Enlightenment by following the 5 C’s of Case Management

DiscoveryControl works by streamlining the workflow of delegating tasks and setting deadlines dictated by the request type.

  • Capture

    Through a public portal or email that enables the fast, simple, and secure creation of uniformed requests straight into DiscoveryControl Accessible anywhere, anytime. Working for you before any person is on the case.

  • Comprehend

    Use our expertise to customize your processes. Your team uses invaluable sector knowledge to transform requests into categorized cases in two clicks. Each categorization is agreed upon, repeatable, and assigned automatic deadlines. The risk of human error is minimized, and compliance is maintained.

  • Collate

    Collating information from within the organization is the lifeblood of a case management system. You are not expected to know everything. The solution is to delegate simple tasks to others in your organization who can get the information that is requested and will help complete the case. These delegates could be the teams managing repositories such as MailMeter and SISCIN. This process is simple, fully audited, and saves valuable staff hours whilst implementing a delegate protocol process to help streamline future requests and identify gaps.

  • Complete

    Pull in all the Delegate responses to produce a fully formed case response and select from a library of rich emails to send directly to requestors and gather feedback.

  • Curate

    This service is living and breathing, so reporting insights are essential to pinpoint bottlenecks, detect emerging risks, manage staff workloads, and receive notifications of approaching deadlines. You can also manage the Self-Service via the public Disclosure Log.