The GDPR (General Data Protection Regulation) makes a distinction between ‘personal data’ and ‘sensitive personal data’. In this blog, we look at the difference between those terms, and we begin by recapping the Regulation’s definition of personal data: ‘ersonal data’ means …
November saw 103 cyber security incidents and more than 580 million leaked records. That’s less than the monthly average, but we are still on pace to surpass 20 million breached records this year – a figure that seems almost unfathomable. …
An ISO 27001 risk assessment helps organisations identify, analyse and evaluate weaknesses in their information security processes. Want to know how to get your ISO 27001 risk assessment process right? Let’s take a look at five things you can do to get …
The PCI DSS (Payment Card Industry Data Security Standard) contains a set of requirements to help organisations prevent payment card fraud. But did you know that the same requirements don’t apply universally? In fact, there are four PCI compliance levels, …
The EU General Data Protection Regulation (GDPR) requires organisations to adopt the principles of “privacy by design and by default”. These concepts require organisations to embed security measures into their systems at the outset, rather than applying features retroactively. It …
The GDPR (General Data Protection Regulation) outlines six conditions under which organisations can process personal data. Contractual requirements, legal obligations, vital interests and tasks carried out in the public interest are all relatively self-explanatory, leaving consent and legitimate interest that …
Personal data is at the heart of the GDPR (General Data Protection Regulation), but many people are still unsure exactly what ‘personal data’ refers to. There’s no definitive list of what is or isn’t personal data, so it all comes down …
Are you looking to boost your data protection practices but can’t decide whether to follow the guidance of ISO 27001 or SOC (Service Organization Control) 2? Let’s take a look at which one is right for you by reviewing five …
If you do business with a UK-based organisation, your relationship will change when the Brexit transition period ends on 31 December 2020. Notably, there is still much uncertainty when it comes to transferring personal data into and out of the …
We recorded 117 publicly disclosed cyber attacks and data breaches in October 2020, making it the leakiest month of the year so far. It surpasses September’s total of 102 incidents, and marks the third month in a row in which …
