Think GDPR’s a joke? Wait ‘til you’re explaining €20 million to your boss.
Don’t wait for a disaster - get your FREE data health check now.
As countries across the globe progress with new cybersecurity and data privacy regulations, the United States continues to get by with a patchwork of state and industry-specific regulation. There is little cohesion and there are currently over 90 different digital privacy proposals and over 50 different data breach notification laws – one for each state […]
Is America finally ready to embrace the need for GDPR? Read More »
Uber drivers are threatening to take legal action over claims the company has refused to disclose personal information it holds on them under the General Data Protection Regulation (GDPR). Four drivers claim the company is simply failing to comply with EU data disclosure obligations. They say the driver hailing app has failed to disclose the
Uber faces legal action for GDPR non-compliance Read More »
The HMRC has started deleting the voice biometric data of five million taxpayers collected unlawfully but say they still plan to continue using the system despite the controversy. The UK’s Information Commissioner’s Office (ICO) has ruled the collection of voice biometric data from five million people by the UK’s tax authority is in violation of
HMRC forced to delete five million voice files Read More »
Privacy campaigners have spoken out over controversial plans where rape victims could soon be forced to hand over their mobile phones to police or risk their attacker walking free. If victims do not allow police to access their messages, photos emails and social media accounts then prosecutions may not go ahead. The Centre for Women’s
Rape victims told to hand over phones or risk cases being dropped Read More »
One important element of the legislation is the requirement for data controllers to enter into a Data Processing Agreement (DPA) with data processors. Most businesses rely on third parties to process personal data. Whether it’s an email client, a cloud storage service, or website analytics software, you must have a data processing agreement with each
What is a GDPR data processing agreement (DPA)? Read More »
When the General Data Protection Regulation (GDPR) was introduced, it was the largest piece of data regulation ever passed by the European Union. GDPR is important because it improves the protection of European data subjects’ rights and clarifies what companies that process personal data must do to safeguard these rights. All companies and organisations that deal with data relating
Why is GDPR Important? Read More »
Under the GDPR, the definition of ‘personal data’ means “any information relating to an identified or identifiable natural person”. Sensitive personal data relates to information which requires extra care. A business cannot process any information falling within the list above without taking extra precautions. This is particularly relevant in relation to employees, as many personnel
What is Sensitive Personal Data? Read More »
GDPR defines a data controller as: “a natural or legal person, which alone or jointly with others, determines the purposes and means of personal data processing.” … The data controller will decide the purpose for which personal data is required and what personal data is necessary to fulfil that purpose The data controller determines the purposes for which and the means by which personal data is processed. So, if your company/organisation decides
What is a Data Controller? Read More »
GDPR certification refers to becoming legally compliant with the European Union’s (EU) General Data Protection Regulation (GDPR). This is a feature of GDPR law that allows people or entities to receive certification from approved certification bodies to show both the EU and consumers that they are in compliance with GDPR. Certification is scalable and can be different for organizations of differing size and
GDPR Certification Read More »
Many people are still unsure what exactly the term ‘personal data’ refers to, even though it forms the core of the EU General Data Protection Regulation (GDPR). The EU-wide GDPR, which was brought into UK law on 25 May 2018, broadened the definition of what counts as personal data. When we think of personal data, things like name,
What constitutes personal data for GDPR? Read More »
