Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which…
Organisations received £155 million in GDPR fines in…
In 2020, organisations received €182 million (about £155 million) in fines for violating the GDPR (General Data Protection Regulation), according to an IT Governance report. Our GDPR Fines Quarterly Report revealed that more than two…
Personal data vs. sensitive data: what’s the difference?
Data protection law in the UK has changed as a result of Brexit. You can find the latest guidance here. At the heart of the GDPR (General Data Protection Regulation) is the concept of ‘personal…
Have you completed these 3 data protection tasks…
When the UK left the EU on 31 January 2020 – sparking a transition period that ends on New Year’s Eve – there were plenty of questions about how organisations would transfer personal data to…
When are schools required to report personal data…
Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which…
Your DPO questions answered
Organisations have had to get a lot more serious about data processing and information security since the EU GDPR (General Data Protection Regulation) came into effect earlier this year. For many, that has included the…
How organisations are completing EU–US data transfers following…
Earlier this year, the ECJ (European Court of Justice) invalidated the EU–US Privacy Shield, ruling that it fails to protect people’s rights to privacy and data protection. It followed heavy criticism from the Austrian privacy…
GDPR Article 32: Your guide to the requirements
Perhaps the most widely discussed set of compliance requirements within the GDPR (General Data Protection Regulation) are those found in Article 32. That’s because it contains the measures that organisations must implement to prevent cyber…
GDPR data transfer rules: what you need to…
If you’re transferring data outside of the EEA, the GDPR (General Data Protection Regulation) imposes some restrictions. These apply to all data transfers, no matter the size of the transfer or how often you carry them…