Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. According to a study by Centify, 77% of…
List of mandatory documents required by the GDPR
The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance…
GDPR: Data transfers outside the EU – what…
This blog has been updated to reflect industry developments. Originally published Jan 04, 2018. The EU General Data Protection Regulation (GDPR) restricts transfers of personal data to countries outside the EEA. These restrictions apply to…
Hotel giant Marriott to be fined £99m for…
Marriott International is to be fined £99.2 million for a massive data breach that it disclosed last year. The penalty, levied by the ICO (Information Commissioner’s Office), relates to a cyber attack that occurred in…
British Airways faces sky high £183 million GDPR…
British Airways has been fined £183.4 million for a data breach that affected around 500,000 customers last year. The airline, owned by IAG, says it is “surprised and disappointed” by the penalty – the largest ever fine for a…
What is data protection by design and default
If your organisation is subject to the GDPR (General Data Protection Regulation), you’re probably aware of your requirement to “implement appropriate technical and organisational measures” to protect the personal data you hold. An essential principle…
How Ireland became Europe’s data protection watchdog
When the GDPR (General Data Protection Regulation) took effect a year ago, it promised to overhaul the EU’s data protection landscape. Things have moved a little slower than expected for most member states, but that’s…
The GDPR: A year in review
A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. To mark the anniversary, we gathered a panel of data protection experts to discuss the effect of…
Why your DPO needs specialised training
The broad range of skills required to succeed as a DPO (data protection officer) makes it a tough position to fill. DPOs need to work with staff to answer data protection questions, monitor the organisation’s…