Some of Our Clients

Latest Data Protection News

A risk based approach to the DPO role

by Mandy Webster on

Applying risk management principles to the DPO role.  What does that mean in practice?  Are there any benefits to using risk management in this context?

[Read more …]

Data Protection Bill 2017

by Mandy Webster on

How will the Data Protection Bill impact on GDPR?  Take a look at some of the draft provisons...

[Read more …]

Briefing for the Board

by Mandy Webster on

Where do you start to brief the Board on GDPR?  Well it can help to have an outline to play around with.  Here is my suggested outline....

[Read more …]

DPO on a Shoestring Budget

by Mandy Webster on

Are you a designated DPO?  Feeling exposed?  No additional budget?  Limited resources?  Not all businesses employ a full time Data Protection Officer so, often it forms part of the job of a manager to act as DPO or Data Protection Manager

[Read more …]

Appointing a designated Data Protection Officer

by Mandy Webster on

Under the General Data Protection Directive ("GDPR") it is mandatory for certain data controllers and data processors to designate a Data Protection Officer ("DPO").   This article looks at which organisations are likely to require a DPO and the requirements around the the appointment and role...

[Read more …]

EU General Data Protection Regulation

by Mandy Webster on

The GDPR was finally adopted in April 2016 and, after a period for publication, the two year implementation period started to run from 24 May 2016 with the Regulation applying from May 2018.

[Read more …]

Introducing the role of Data Protection Officer

by Mandy Webster on

From May 2018 the General Data Protection Regulation (“GDPR”) will apply to all UK based organisations.  One of the key changes to data protection law is the introduction of a requirement to appoint a Data Protection Officer where the core activities of the controller or processor consist of processing on a large scale of special categories of data which we know as “sensitive” data under the Data Protection Act 1998.   

If we get this wrong it is serious stuff.  An organisation which either intentionally or negligently fails to designate a Data Protection Officer or does not ensure the conditions for fulfilling the DPO tasks are open to an administrative fine of up to 10,000,000 euros or 2% annual worldwide turnover whichever is greater.

[Read more …]

More about data transfers outside of the EEA

by Mandy Webster on

Small comfort given the problems with safe harbor but this really is a useful flowchart.

[Read more …]

ECJ ruling affecting Safe Harbor

by Mandy Webster on

Today's decision by the ECJ means that we can no longer rely on Safe Harbor to ensure that personal data transferred to the US is processed in accordance with the Eighth Principle.

[Read more …]
This website uses cookies to ensure you get the best experience on our website. By continuing to use this website you agree to the use of cookies. Read more …