Depending on who consults you, you may be advised to start your GDPR compliance in any number of areas. Data mapping is a fairly common (and good) recommendation, because it helps an organisation understand exactly what personal data comes into the business, where (and how) it moves internally, where it is sent and when it…
Data protection exists for lawfulness, fairness and transparency in how personal data is collected, reviewed, stored and used. Everyone everywhere is at risk of their personal data being misused, and every organisation and entity that controls and processes that data can be held responsible for its misuse. Are you at risk of non-compliance? Data Protection…
The Data Protection Act 2018 (DPA 2018) supersedes The Data Protection Act 1998 (DPA 1998). It was enacted into UK law on the 23rd May 2018 – just two days before the enforcement of the GDPR on 25th May. Which is relevant to me – the DPA 2018 or the GDPR? To create an effective…
Wondering if you can grab a Privacy Policy template and publish it on your website? You could do, but this is unlikely to reflect how your business uses data, so will be misleading to those who read it. Many organisations are unaware that it is a legal requirement to publish a privacy policy on a…
Data protection changed forever with the introduction of the EU’s General Data Protection Regulation. This EU-wide law sets out the legislation organisations must follow regarding how they manage customer data. In this article, we reveal the big changes that will affect your business. The EU’s General Data Protection Regulation (GDPR) is a piece of EU…
The GDPR requires businesses to consider the principles of data protection in processing activities before they even commence, so utilising a data protection by design approach. There is nothing new here – the key change with GDPR is that it is now a legal requirement. When an organisation processes (or plans to process) personal data…
Keeping your customer’s data secure is of the utmost importance, and encryption is one method that can help you achieve that. In this complete guide, we reveal all you need to know about protecting sensitive customer data. It is good practice for data encryption to exist for all forms of high-risk data, such as sensitive…
Data Protection Act 1998 – A Summary of the 8 Guiding Principles Get clear concise guidence from an expert: The Data Protection Act 1998 was an act of Parliament designed to protect personal data stored on computers or in organised paper filing systems. It enacted the EU Data Protection Directive, 1995’s provisions on the protection,…
No business is immune to a data breach, and some of the biggest companies in the world with supposedly state-of-the-art systems and access to the most experienced privacy specialists have fallen victim. Recent high profile cases have included Facebook, British Airways, Ticketmaster and Marriot Hotels. But how is data stolen, what’s taken and where does…
The Information Commissioner’s Office has powers to fine and impose restrictions on the data processing activities of organisations in the event of data breaches. Serious breaches can now see organisations fined up to 20 million Euros or 4% of group worldwide turnover. In this guide, we discuss how the ICO pursue and act on data…
