Latest data news
The GDPR – the aftermath and news headlines
It’s been over a week since the GDPR came into force and the world hasn’t come to an end! In this article we are going to look at the news headlines and expand on the stories with an interesting series of opinions. Were you ready for the new data regulations? Are you still struggling to comply? Get some peace of mind by listening to Elizabeth Denham – the Information Commissioner for the Information Commissioner’s Office (ICO). Listen to what she had to say when the GDPR came into force on the 25th May 2018. Her message is simple and reassuring for those businesses that weren’t ready for the deadline. The ICO is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. The ICO will enforce the GDPR.
Keep calm and use our GDPR checklist
Ready or not, here it comes… This article is to help avoid doubt in your mind about the GDPR and your business. We have incorporated a checklist and hopefully, you can answer ‘yes’ to everything. If you can’t and you are concerned, contact us today and we can advise you. We have the knowledge and expertise to guide you as we all take this new data protection journey. You have until Friday 25th May 2018 to be compliant with the GDPR. If you handle personal data, you need to demonstrate that you have taken the appropriate steps to protect the information you collect and retain about people.
The GDPR – looking beyond the 25th May 2018
It’s the final countdown to the beginning of a new data protection journey. Please note: The GDPR is a journey, not a final destination. When the clock strikes midnight on the 24th May, it wouldn’t be wise to put your slippers on and fall into a false sense of data protection security.
It was a win for data protection in all 3 cases
We want to help our readers understand data protection and the GDPR. As part of that process, we are going to take a step back in time and look at three data protection cases. The circumstances within these examples may be similar to the way that you handle personal data at the moment. There could be certain aspects or details that are relevant to your industry or the way you process personal data within your organisation.
Data is a risky business and you might need to assess the situation
As we’ve said many times before… Data – if you don’t need it, don’t keep it. It can be a risky business! We have seen a sudden surge in the number of calls we are receiving and the number of people applying for the GDPR training courses that we run. I have to confess, there have been moments when I was concerned that all the GDPR advertising would start to have the same annoying effect as the persistent PPI adverts. It appears that people are starting to pay attention to the GDPR noise now. I hear about it on the radio and it’s coming up a lot on people’s social media feeds.
The Data Protection Bill and the GDPR
You might think you are prepared for the GDPR but don’t relax just yet… You wouldn’t be the only one to presume the GDPR covered everything about data protection and to not be aware of the Data Protection Bill debate currently going on in the House of Commons. The recent debate in the House of Commons about the Data Protection Bill has brought further pending changes to data protection in the UK. Most processing of personal data will be subject to the GDPR, which is due to come into force on the 25th May 2018.
Who are the data controllers and data processors within an organisation?
There’s a wind of change in the big wide world of data regulation and the GDPR. More organisations are becoming aware of the GDPR and business owners have started to ask a lot of important questions. Phew! At last, the message is getting through. However, there is still some confusion about data accountability. Most recently, I have been asked to explain the job roles of a data controller and data processor.
DIY data breach protection – a business owner’s GDPR toolkit
When we have conversations with business owners about data protection there are key phrases that we look out for, little indicators that tell us those people most probably aren’t ready for the new regulations - for example: ‘I have a department that deals with all that legal stuff, they will sort it out.’
Most people won’t even see 50% or more of the data exposure risks in this scene, can you?
We see scenes like this every day and perhaps take things for granted, or we presume or ignore. We miss the obvious. Recently I was discussing potential ‘data breach hazards’ in the office with a customer, explaining how something as basic as an office rubbish bin has a big part to play in data protection. Normally when I mention this there is a pause in the conversation, followed by a realisation as to what I am talking about or just silence and a look of confusion.
The role of a Data Protection Officer
“You’re fired!” The General Data Protection Regulation (GDPR) protects Data Protection Officers (DPOs). If a company breaches the new data laws, firing the DPO won’t be an option! A DPO is an enterprise security leadership role required by the GDPR in certain circumstances. DPOs are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.
Is a Privacy Shield compliant with the GDPR?
The big question is… If a company is self-certified under the Privacy Shield, would that mean the company would be automatically in compliance with GDPR? The GDPR, like the EU Directive, permits data transfer to countries with ‘adequate protection’. In the case of ‘self-certification’, who is to say that in a court of law, someone could simply demonstrate the company didn’t, in fact, meet certification requirements?
77% of charities named data loss as their biggest concern
An astonishing 84% of UK small business owners and 43% of senior executives of large companies are not aware of the forthcoming GDPR – according to research-live.com. (1) The research has also revealed that 75% of data will be unusable following the GDPR enforcement. According to w8data, only 25% of existing customer data meets the requirements of the GDPR. (2) That also applies to non-profit organisations: GDPR compliance requires organisations to fundamentally change their culture around data management, forcing organisations to undertake a wholesale review of their data processing procedures.