Some of Our Clients

Latest Data Protection News

GDPR - what to do now...

by Mandy Webster on

GDPR presents a significant upshift in the way organisations need to think about data protection as well as introducing new subject rights and tweaking some of the old ones.  In this article we take a look at the practical implications and start to look beneath the skin of GDPR.

[Read more …]

Appointing a designated Data Protection Officer

by Mandy Webster on

Under the General Data Protection Directive ("GDPR") it is mandatory for certain data controllers and data processors to designate a Data Protection Officer ("DPO").   This article looks at which organisations are likely to require a DPO and the requirements around the the appointment and role...

[Read more …]

EU General Data Protection Regulation

by Mandy Webster on

The GDPR was finally adopted in April 2016 and, after a period for publication, the two year implementation period started to run from 24 May 2016 with the Regulation applying from May 2018.

[Read more …]

Introducing the role of Data Protection Officer

by Mandy Webster on

From May 2018 the General Data Protection Regulation (“GDPR”) will apply to all UK based organisations.  One of the key changes to data protection law is the introduction of a requirement to appoint a Data Protection Officer where the core activities of the controller or processor consist of processing on a large scale of special categories of data which we know as “sensitive” data under the Data Protection Act 1998.   

If we get this wrong it is serious stuff.  An organisation which either intentionally or negligently fails to designate a Data Protection Officer or does not ensure the conditions for fulfilling the DPO tasks are open to an administrative fine of up to 10,000,000 euros or 2% annual worldwide turnover whichever is greater.

[Read more …]

More about data transfers outside of the EEA

by Mandy Webster on

Small comfort given the problems with safe harbor but this really is a useful flowchart.

[Read more …]

Continuing issues with safe harbor

by Mandy Webster on

In October 2015 the European Court of Justice ruled that safe harbor did not offer adequate protection for the personal data of European citizens.  The impact was significant as many organisations rely on safe harbor to legitimise transfers of personal data to the US.  The Article 29 Working Party has considered the impact of the decision and made a statement.

 

[Read more …]

ECJ ruling affecting Safe Harbor

by Mandy Webster on

Today's decision by the ECJ means that we can no longer rely on Safe Harbor to ensure that personal data transferred to the US is processed in accordance with the Eighth Principle.

[Read more …]

Information Commissioner publishes annual report for 2015

by Mandy Webster on

In July 2015, the Information Commissioner published his annual report detailing the work undertaken by the Office during the year and highlighting some trends and issues.

[Read more …]

Clarification about risk-based approach to data protection compliance

by Mandy Webster on

This article reviews the statement made by the Article 29 Working Party last year considering how a risk-based approach to compliance should properly be implemented.  

[Read more …]

The latest facts and figures about security breaches

by Mandy Webster on

PWC has published its 2015 report into data security breaches.  The number of organisations reporting breaches has increased although the number of breaches actually suffered averages out lower than last year but still remains at a whopping 14% median.

[Read more …]
This website uses cookies to ensure you get the best experience on our website. By continuing to use this website you agree to the use of cookies. Read more …