dcsimg

Upcoming ISO 27001 and GDPR webinars. Register today!

ISO 27001   Assessing compliance: the ISO 27001 ISMS internal audit  28 September 2018, 2:00–3:15 pm (GMT)  Testing and assessing your information security measures is essential to ascertain whether the controls you have implemented are working effectively. Compliance with the international information security standard ISO 27001 requires continual monitoring and regular reviews of your ISMS … [Read more...]

Why your organisation should consider outsourcing its DPO

Since the EU’s GDPR (General Data Protection Regulation) came into effect in May 2018, demand for DPOs (data protection officers) has increased. The Regulation stipulates that certain organisations must appoint a DPO to support their GDPR compliance. DPOs also have an essential role as intermediaries between relevant stakeholders, such as supervisory authorities, data subjects, and business units … [Read more...]

Finding the right candidate to be your DPO

Complying with the EU GDPR (General Data Protection Regulation) is mostly about hard work and organisation, but there’s also a little bit of luck involved – at least when it comes to appointing a DPO (data protection officer). The position, which is mandatory for many organisations under the GDPR, has caused a massive spike in demand for data protection experts. Unless the perfect candidate falls … [Read more...]

Auditing your GDPR compliance

The EU General Data Protection Regulation (GDPR) has imposed many new obligations on organisations that process EU residents’ personal data. An audit will assess whether your organisation is meeting these obligations.  However, before an external auditor assesses the measures you’ve taken to comply with the Regulation, it’s worth conducting an internal audit to review whether your controls, … [Read more...]

Snapchat releases details of its GDPR compliance measures

Snapchat has announced changes to its privacy policy and user settings as it prepares for the EU General Data Protection Regulation (GDPR), which takes effect on 25 May 2018. Many organisations have downplayed the requisite changes as ‘tweaks’ to their policies, but Snapchat has made a point of emphasising its widespread alterations. The most significant revelation is that, unlike rival messaging … [Read more...]

The GDPR: What you need to know about DPIAs

Article 35 of the EU General Data Protection Regulation (GDPR) introduces the concept of data protection impact assessments (DPIAs). DPIAs help organisations identify and minimise privacy risks in data processing activities. They are essential if you process any high-risk data, but they are also relevant when you are introducing a new data collection process, system or technology. An effective … [Read more...]

Who is taking control of your organisation’s GDPR compliance project?

If you’re not among the organisations panicking over the EU General Data Protection Regulation (GDPR), consider yourself either lucky or well prepared. We’re not necessarily referring to sending teams of data protection experts scrambling between departments to check that processes are compliant. That, we expect, is pretty much par for the course – in fact, if all you are doing is checking, you … [Read more...]

The GDPR is imminent – don’t forget to register your DPO

Under the EU General Data Protection Regulation (GDPR), certain organisations will be required to appoint a data protection officer (DPO). Organisations are required to register their DPO’s details with their national supervisory authority. In Ireland this is the Office of the Data Protection Commissioner, which should have an online form available shortly to facilitate the DPO notification … [Read more...]

The GDPR and Brexit

In less than a month from now, the General Data Protection Regulation (GDPR) comes into force across the EU. It is expected that businesses and charities across Ireland have taken the necessary measures, such as preparing new policies, appointing chief information security officers, restricting IT admin rights and installing firewalls and controls over company-owned devices, to ensure compliance … [Read more...]

Possible breach at INM threatening ‘the very core’ of investigative journalism

The Office of the Data Protection Commissioner (ODPC) has claimed that data relating to former and current staff at Independent News & Media (INM), including four journalists and former directors, has been breached. The Office of the Director of Corporate Enforcement (ODCE) was concerned that data was removed from the organisation’s premises in October 2014, and subsequently taken out of the … [Read more...]