On the 6th September 2019, the USA’s National Institute of Standards and Technology (NIST) published a preliminary draft of its new privacy framework entitled ‘Privacy Framework: […]
The NIS Directive is an EU Directive that was enacted into UK law as The Network and Information Systems Regulations 2018 (NIS Regulation). The NIS focusses […]
Background Due to recent political developments, the likelihood of the UK leaving the EU without a deal is a real possibility. Therefore, in preparation, The DPO […]
Rob Masson discusses the DPO’s changing role in a recent Podcast. Data protection officers are assuming a more strategic role that goes beyond ensuring compliance with […]
At £183.4m (US$228m) or 1.5% of BA’s worldwide revenue in 2017, this fine by the UK Information Commissioner’s Office (ICO) sets a new precedent in the […]
We are often asked by clients how to determine whether a breach is reportable to the supervisory authority and/or a data subject or if it should […]
Our December 2018 blog post entitled “Data Subject Access Request = 4 words to fear?”, explained the need for a robust and efficient process for responding […]
This time last year, we were all so very concerned about May 25th and the advent of the GDPR. How was it going to change things? […]
Article 6 of the GDPR sets out six ‘lawful bases’ for processing personal data. At least one of these must apply in order for data to […]
The General Data Protection Regulation (GDPR) has been introduced in the EU with the aim of improving the protection of personal data. Understanding whether an organisation […]
Six things to consider about Data Subject Access Requests NOW under DPA 2018 (GDPR) Data Subject Access Requests (DSARs), the four words that were striking fear […]
The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) have some key differences which may impact the UK’s relationship with the EU, […]
The First Mate says to the pirate, “Cap’n, I’ve destroyed all our old crew lists. All records of everyone we made walk the plank have also […]
12 Simple Steps About Personal Data Protection to Learn From The Payment Card Industry Financial Services is one of the most heavily regulated industries there is. […]
In the last 20 years, the collection and processing of data has grown exponentially. The practice has been undertaken by businesses worldwide, in order to help […]
As a developer, you want to create the best possible app or game, for users. While the functionality and user XP might be second to none, […]
The number of organisations bracing themselves for legal battles over data breaches is increasing. In addition to the reputational damage and fines, companies like Equifax, Ticketmaster […]
Continued and unhindered data flows are vitally important to both the UK and EU economies. Currently, the GDPR sets the framework to allow free transfers of […]
What is the EU- US Privacy Shield? It’s a framework for transatlantic exchanges of personal data between the European Union and the US. Why do organisations […]
Regardless of size, the GDPR (and of course in the UK the DPA 2018) will impact all businesses, especially those processing large amounts of personal data […]
The position under the General Data Protection Regulation (GDPR) relating to cross-border transfer rules on personal data is similar to that under the 1995 Data Protection […]
A majority of businesses have some sort of social media platform which they use to interact and engage with customers and clients – and social media […]
The latest research from a global study conducted by Veritas Technologies, has revealed that UK consumers have little trust in organisations to safeguard their own personal […]
Here’s the big belief many people have – GDPR is just another set of regulations that won’t be enforced. The truth is if you aren’t keeping […]
What do you call sophisticated malicious software that has been designed with outstanding evasion and infection capabilities, which avoids being detected – and can remain hidden […]
Oh goodness, please defend us from acronyms. OK, DPB = Data Protection Bill and GDPR = General Data Protection Regulation, so what is the difference? The […]
Let’s clear one thing up straight away – when we talk about a Data Protection Officer, or DPO, it is the role that is important, so […]
The actual role of Data Protection Officer (DPO) requires a polymath with a considerable range of skills who operates rather like a regulator within your organisation. […]
Almost certainly you will not know – why would you? GDPR introduces totally new rules and concepts so you will not have catered for them before. […]
More regulation and more cost, do you regard that as a bore or an opportunity for profit? Let us examine the positives, starting with the value […]
First of all, let us get to a base of understanding. The most important thing that your staff must recognise is that they are all now […]
Google ‘Subject Access Requests’ and you will find a number of template letters designed for the consumer to send to an organisation. Read them and you […]
Oh my goodness, “lies, damned lies and statistics”. The surprise in this headline is that it implies that 39% are ready, to which we would associate […]
