Latest data news
Data is a risky business and you might need to assess the situation
As we’ve said many times before… Data – if you don’t need it, don’t keep it. It can be a risky business! We have seen a sudden surge in the number of calls we are receiving and the number of people applying for the GDPR training courses that we run. I have to confess, there have been moments when I was concerned that all the GDPR advertising would start to have the same annoying effect as the persistent PPI adverts. It appears that people are starting to pay attention to the GDPR noise now. I hear about it on the radio and it’s coming up a lot on people’s social media feeds.
The Data Protection Bill and the GDPR
You might think you are prepared for the GDPR but don’t relax just yet… You wouldn’t be the only one to presume the GDPR covered everything about data protection and to not be aware of the Data Protection Bill debate currently going on in the House of Commons. The recent debate in the House of Commons about the Data Protection Bill has bought further pending changes to data protection in the UK. Most processing of personal data will be subject to the GDPR which is due to come into force on the 25th May 2018.
Who are the data controllers and data processors within an organisation?
There’s a wind of change in the big wide world of data regulation and the GDPR. More organisations are becoming aware of the GDPR and business owners have started to ask a lot of important questions. Phew! At last, the message is getting through. However, there is still some confusion about data accountability. Most recently, I have been asked to explain the job roles of a data controller and data processor.
DIY data breach protection – a business owner’s GDPR toolkit
When we have conversations with business owners about data protection there are key phrases that we look out for, little indicators that tell us those people most probably aren’t ready for the new regulations - for example: ‘I have a department that deals with all that legal stuff, they will sort it out.’
Most people won’t even see 50% or more of the data exposure risks in this scene, can you?
We see these scenes like this every day and perhaps take things for granted or we presume or ignore. We miss the obvious. Recently I was discussing potential ‘data breach hazards’ in the office with a customer. Explaining how something as basic as an office rubbish bin has a big part to play in data protection. Normally when I mention this there is a pause in the conversation, followed by a realisation as to what I am talking about or just silence and a look of confusion.
The role of a Data Protection Officer
“You’re fired!” The General Data Protection Regulation (GDPR) protects Data Protection Officers (DPOs). If a company breaches the new data laws, firing the DPO won’t be an option! A DPO is an enterprise security leadership role required by the GDPR in certain circumstances. DPOs are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.
Is a Privacy Shield compliant with the GDPR?
The big question is… If a company is self-certified under the Privacy Shield, would that mean the company would be automatically in compliance with GDPR? The GDPR, like the EU Directive, permits data transfer to countries with ‘adequate protection’. In the case of ‘self-certification’, who is to say that in a court of law, someone could simply demonstrate the company didn’t, in fact, meet certification requirements?
77% of charities named data loss as their biggest concern
An astonishing 84% of UK small business owners and 43% of senior executives of large companies are not aware of the forthcoming GDPR – according to research-live.com. (1) The research has also revealed that 75% of data will be unusable following the GDPR enforcement. According to w8data, only 25% of existing customer data meets the requirements of the GDPR. (2) That also applies to non - profitable organisations, the GDPR compliance requires organisations to fundamentally change their culture around data management, forcing organisations to undertake a wholesale review of their data processing procedures.
GDPR 2018 – put the date (not data) in your diary
It’s the start of a new year, hopefully, a happy and prosperous one. You are most probably starting to fill in your 2018 diaries. Be mindful of what you write down as we begin what will be the most significant year for data protection. The on and offline world will change as we know it. There will be strict requirements to examine consent, the retention of data, an individual’s rights, security and capturing information. We can help you understand those requirements…
The GDPR – looking ahead
As we make the transition from 2017 to 2018, we want to simplify what you need to know about the GDPR. Digital technology has transformed almost every aspect of our lives. Bringing the world closer together and changing our economy. As we know, it comes with its concerns. The government have introduced the GDPR (General Data Protection Regulation), a new data protection bill to be put into force on the 25th May 2018.
Do you know what data you’re capturing?
In this article we provide some helpful guidance, not only on consent itself, but knowing what information you are capturing, what you are doing with this data and how you can prove the lifecycle of this data when it comes to a Subject Access Request.