The NHS Test and Trace Programme leaves no doubt that it involves the processing of personal data on a large scale. The service, established to form a central part of the government’s coronavirus recovery strategy, was formally launched on the 28th of May 2020. The aim of this service is to help identify, contain […]
The EU-US Privacy Shield was invalidated on the 16th of July 2020 by a ruling of the EU Court of Justice (CJEU). This ruling was made in the case known as Schrems II (C-3111/18). This case challenged the processes for personal data transfers between the EU and the US on the basis to hold that […]
There are many questions around why a Data Protection Officer (DPO) is needed and what their role is in an organisation. In this post, I’ll answer common questions that have been asked by organisations seeking to comply with the GDPR and DPA and from those looking to take on a DPO role. What is the […]
As discussed in our previous blog post: 4 Working from Home Security Tips, many organisations have changed the way they connect and communicate in their new working from home (WFH) environments. Therefore, organisations must adjust data protection controls to account for changes that the pandemic has brought in our new working environments. The development of COVID-19 […]
In 2019, the ICO fined Marriott Hotels £99 million under the GDPR for not undertaking sufficient due diligence to secure its systems when it acquired Starwood Hotels Group. This resulted in 339 million unprotected guest records being exposed. Elizabeth Denham, Information Commissioner, stated: “The GDPR makes it clear that organisations must be accountable for the […]
The Covid-19 pandemic made it imperative for organisations to conduct business remotely in order to stay competitive during the UK lockdown. Many have adjusted quickly, changing the way they deliver services, connect and communicate with employees in their new working from home (WFH) environment. HR policies may have been changed to allow for WFH but […]
Previously known as ‘privacy by design’, “data protection by design and default” has always been part of the UK Data Protection Law. But the key change is with the General Data Protection Regulation (GDPR) now making it a legal requirement. The GDPR requires you to put in place appropriate technical and organisational measures to implement […]
In our recent webinar, ‘6 Things to do to Meet GDPR 3rd Country Requirements’, we provided information on how data privacy requirements may change and why organisations should prepare now. The webinar ended with a Q&A session with our data privacy and protection expert, Ursula Baye. In this post, we list the answers to those questions asked […]
Sometimes we get in the mode of doing something out of procedure without a true understanding of why it’s important and the true benefit of the process. Such is the case with the DPIA (Data Protection Impact Assessments) which is pivotal to GDPR compliance. In general, conducting a DPIA will improve awareness in your organisation […]
With Brexit-no-deal staring us in the face, the big question for the future is what happens next? The UK Government has stated its plans to keep the GDPR regulation “as-is” after it has left the Union; therefore companies are advised to maintain compliance with both the GDPR and the UK DPA 2018 even if they […]