Data Protection Archive
If your organisation is subject to the GDPR (General Data Protection Regulation), you must create and distribute a privacy notice. This document ensures that individuals are aware of the way their personal data is processed, helping them understand what data is being collected, why and how it’s being used, and how …
Last month, the European Commission adopted new recommendations to help organisations transfer personal data across the world with greater security. Notably, organisations are now encouraged to incorporate risk-based assessments for personal data transfers that are centred on real-world experience rather …
We’ve come a long way since the panic and scepticism that accompanied the introduction of the GDPR (General Data Protection Regulation). Several high-profile fines and the continued warnings from regulators have led to a sharp uptick in the number of …
Did you know that the GDPR (General Data Protection Regulation) doesn’t just apply to basic information like names and addresses, but also to information about people’s habits and movements? This means that things like having CCTV and monitoring employees’ browsing activities are covered by the Regulation. However, that doesn’t mean you can no longer put up cameras or track your employees; it just means you need to be more careful about how …
On 5 September, the highest body of the European Court of Human Rights (ECHR) restricted employers’ power to monitor the private messages of their employees. The ruling overturns a lower court’s decision to back an organisation that sacked one of …
The rhetoric in the run-up to the GDPR (General Data Protection Regulation) taking effect was that any organisation that didn’t have immaculate compliance practices would be in line for a €20 million fine. Although only the most frantic commentators thought …
Business to business marketers have had countless questions about the GDPR (General Data Protection Regulation) since it took effect – and for good reason. Sensitive data is at the centre of everything they do. They need names, contact information and any …
Last month, France’s data protection authority, the CNIL, imposed a €150,000 fine on a data controller and a €75,000 fine on its data processor for their failure to implement adequate security measures. The ruling followed a credential stuffing attack against …
Staff awareness training is an essential component of the GDPR (General Data Protection Regulation), but do you know how it works in practice? Here are seven things you can do to make your awareness programme a success.
As you might have expected, the GDPR (General Data Protection Regulation) has created a spike in demand for data protection and privacy experts. Organisations are desperate to hire people who can guide them towards regulatory compliance and avoid large fines. For many organisations, this isn’t just a …
