NIST Draft Privacy Framework
Data Security & Encryption, GDPR, data breach, data class action, data protectionOn the 6th September 2019, the USA’s National Institute of Standards and Technology (NIST) published a preliminary draft of its new privacy framework entitled ‘Privacy Framework: […]
NIS Regulations and the need for representation
Data Security & Encryption, GDPR, data breach, data class action, data protectionThe NIS Directive is an EU Directive that was enacted into UK law as The Network and Information Systems Regulations 2018 (NIS Regulation). The NIS focusses […]
What does a hard Brexit mean for UK companies?
Data Security & Encryption, GDPR, data breach, data class action, data protectionBackground Due to recent political developments, the likelihood of the UK leaving the EU without a deal is a real possibility. Therefore, in preparation, The DPO […]
The changing role of the data protection officer
Data Security & Encryption, GDPR, data breach, data class action, data protectionRob Masson discusses the DPO’s changing role in a recent Podcast. Data protection officers are assuming a more strategic role that goes beyond ensuring compliance with […]
BA – A wake up call from the ICO
Data Security & Encryption, GDPR, data breach, data class action, data protectionAt £183.4m (US$228m) or 1.5% of BA’s worldwide revenue in 2017, this fine by the UK Information Commissioner’s Office (ICO) sets a new precedent in the […]
How to Recognise Data Breaches – Reportable vs Recordable
Data Security & Encryption, featured post, GDPR, Staff Training & Awareness, data breach, data class action, data protectionWe are often asked by clients how to determine whether a breach is reportable to the supervisory authority and/or a data subject or if it should […]
Data Subject Access Requests (DSARs) – 5 Essential Steps
Data Security & Encryption, featured post, GDPR, Staff Training & Awareness, data breach, data class action, data protectionOur December 2018 blog post entitled “Data Subject Access Request = 4 words to fear?”, explained the need for a robust and efficient process for responding […]
GDPR – One Year On – 6 Key Lessons for Schools?
Data Protection Officer, Data Security & Encryption, featured post, GDPR, Staff Training & Awareness, data breach, data class action, data protectionThis time last year, we were all so very concerned about May 25th and the advent of the GDPR. How was it going to change things? […]
What are the six lawful bases and when do they apply?
Data Protection, featured post, GDPR, data breach, data class action, data protectionArticle 6 of the GDPR sets out six ‘lawful bases’ for processing personal data. At least one of these must apply in order for data to […]
What exactly is ‘personal data’?
Data Protection, featured post, data breach, data class action, data protectionThe General Data Protection Regulation (GDPR) has been introduced in the EU with the aim of improving the protection of personal data. Understanding whether an organisation […]
Data Subject Access Request = 4 words to fear?
Data Protection, GDPR, data breach, data class action, data protectionSix things to consider about Data Subject Access Requests NOW under DPA 2018 (GDPR) Data Subject Access Requests (DSARs), the four words that were striking fear […]
What is the difference between the DPA 2018 and the GDPR? (and why does it matter?)
Data Protection, data breach, data class action, data protectionThe General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) have some key differences which may impact the UK’s relationship with the EU, […]
Ignore data retention at your peril!
Data Protection, GDPR, data breach, data class action, data protectionThe First Mate says to the pirate, “Cap’n, I’ve destroyed all our old crew lists. All records of everyone we made walk the plank have also […]
Why you should ‘steal’ card fraud protection guidelines
Data Protection, Data Protection Officer, card fraud, data protection, data protection guidelines, DPO, eprivacy, fraud, fraud protection, GDPR12 Simple Steps About Personal Data Protection to Learn From The Payment Card Industry Financial Services is one of the most heavily regulated industries there is. […]
GDPR – What is it all about?
Data Protection, data breach, data class action, data protectionIn the last 20 years, the collection and processing of data has grown exponentially. The practice has been undertaken by businesses worldwide, in order to help […]
App & Gaming Developers: win user trust; protect their data
GDPR, Cookies, data protection, developers, GDPR, privacyAs a developer, you want to create the best possible app or game, for users. While the functionality and user XP might be second to none, […]
Data Breach Class Actions – how to protect your business
Data Protection, data breach, data class action, data protectionThe number of organisations bracing themselves for legal battles over data breaches is increasing. In addition to the reputational damage and fines, companies like Equifax, Ticketmaster […]
Why Brexit could spell a data protection disaster
GDPR, Adequacy, Brexit, GDPRContinued and unhindered data flows are vitally important to both the UK and EU economies. Currently, the GDPR sets the framework to allow free transfers of […]
Five reasons why you should care about the (possible) suspension of the EU-US Privacy Shield
US Privacy Shield, US Privacy ShieldWhat is the EU- US Privacy Shield? It’s a framework for transatlantic exchanges of personal data between the European Union and the US. Why do organisations […]
The 5 unavoidable ways the GDPR is now affecting your business
GDPRRegardless of size, the GDPR (and of course in the UK the DPA 2018) will impact all businesses, especially those processing large amounts of personal data […]
Binding Corporate Rules – An Improvement on Cross-Border Data Transfer?
Data Protection, Binding corporate rules, GDPRThe position under the General Data Protection Regulation (GDPR) relating to cross-border transfer rules on personal data is similar to that under the 1995 Data Protection […]
How data compliance impacts social media management: A note to Facebook fan page owners
Data Protection, Social media data protectionA majority of businesses have some sort of social media platform which they use to interact and engage with customers and clients – and social media […]
Respect, Protect, Direct: What GDPR means to your customers
Data Protection, Data Protection Officer, GDPR, GDPR and customersThe latest research from a global study conducted by Veritas Technologies, has revealed that UK consumers have little trust in organisations to safeguard their own personal […]
Do I need a Data Protection Officer to comply with GDPR? Misconceptions Solved
Data Protection OfficerHere’s the big belief many people have – GDPR is just another set of regulations that won’t be enforced. The truth is if you aren’t keeping […]
The sophisticated hacking techniques to be aware of
Data ProtectionWhat do you call sophisticated malicious software that has been designed with outstanding evasion and infection capabilities, which avoids being detected – and can remain hidden […]
The difference between the DPB and the GDPR
Data Protection, GDPROh goodness, please defend us from acronyms. OK, DPB = Data Protection Bill and GDPR = General Data Protection Regulation, so what is the difference? The […]
8 good reasons why you need a Data Protection Officer
Data Protection OfficerLet’s clear one thing up straight away – when we talk about a Data Protection Officer, or DPO, it is the role that is important, so […]
“A DPO or not a DPO? That, is the question
Data Protection OfficerThe actual role of Data Protection Officer (DPO) requires a polymath with a considerable range of skills who operates rather like a regulator within your organisation. […]
Do you know the impact of GDPR on your organisation?
GDPRAlmost certainly you will not know – why would you? GDPR introduces totally new rules and concepts so you will not have catered for them before. […]
Why complying with GDPR will help your organisation grow
GDPRMore regulation and more cost, do you regard that as a bore or an opportunity for profit? Let us examine the positives, starting with the value […]
The top 6 things your staff need to know about protecting personal data
Data ProtectionFirst of all, let us get to a base of understanding. The most important thing that your staff must recognise is that they are all now […]
Why you need to be prepared for Subject Access Requests (SARs)
GDPRGoogle ‘Subject Access Requests’ and you will find a number of template letters designed for the consumer to send to an organisation. Read them and you […]
61% of organisations not yet ready for GDPR
GDPROh my goodness, “lies, damned lies and statistics”. The surprise in this headline is that it implies that 39% are ready, to which we would associate […]