Governance, Risk, Compliance
The first 72 hours after you discover a data breach are critical. Why? The GDPR (General Data Protection Regulation) requires all organisations to report certain types of personal data breach to the relevant supervisory authority. More specifically, Article 33…
Under the GDPR (General Data Protection Regulation), organisations must be vigilant about how long they retain personal information. If you keep sensitive data for too long – even if it’s being held securely and not…
First published June 2018. Last updated March 2020. Under the EU GDPR (General Data Protection Regulation), you need to identify a lawful basis before processing personal data. But what is a lawful basis for processing?…
The GDPR (General Data Protection Regulation) gives individuals more control over how their personal data is used. If your organisation processes personal data, the Regulation requires you to provide data subjects with certain information. This typically takes the…
Under the GDPR (General Data Protection Regulation), organisations must be vigilant about how long they retain personal information. If you keep sensitive data for too long – even if it’s being held securely and not…
Twitter has suspended the dating app Grindr from its ad platform after discovering ‘insane violations’ of the GDPR (General Data Protection Regulation). According to a study by the NCC (Norwegian Consumer Council), Grindr shared significant…
Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. According to a study by Centify, 77% of…
As we approach 31 October and the revised Brexit deadline day, you’ll see more and more stories pop up about previously under-reported ways that the UK’s departure from the EU will affect organisations. The latest…
The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance…
This blog has been updated to reflect industry developments. Originally published Jan 04, 2018. The EU General Data Protection Regulation (GDPR) restricts transfers of personal data to countries outside the EEA. These restrictions apply to…