dcsimg

An overview of the GDPR with Alice Turley, data protection expert

The GDPR (General Data Protection Regulation), which came into effect on 25 May 2018, places obligations on organisations to be more accountable for data protection.   What is personal data?  Personal data is any information relating to an identified or identifiable natural person (data subject). The GDPR places much stronger controls on the processing of special categories of personal data … [Read more...]

The GDPR: How to respond to data subject access requests

The introduction of the GDPR (General Data Protection Regulation) requires all organisations within its scope to give data subjects the right to review the personal data being held on them.  Individuals can make this request by submitting a DSAR (data subject access request), which organisations must respond to by providing:  Confirmation that the individual’s data is being processed.  Access to … [Read more...]

List of data breaches and cyber attacks by region: May 2019

You might have noted that data breaches happen a lot. We post about incidents as often as we can, but it’s practically impossible to keep up.  That’s why we’ve decided to start compiling a monthly list of incidents from stories reported around the globe.  In our inaugural list, we look back at May 2019, in which there were at least 79 reported data breaches.  If we’ve missed anything, let us know … [Read more...]

What we’ve learned about the GDPR in its first year

This time last year, organisations were scrambling to meet the compliance deadline for the GDPR (General Data Protection Regulation), people’s inboxes were flooded with last-minute pleas for consent and social media was rammed with GDPR memes.  Twelve months later and the commotion surrounding the Regulation has calmed, but its impact remains. In this blog, we look at the effects the GDPR has had … [Read more...]

How to write GDPR-compliant consent forms

The new consent requirements introduced in the GDPR (General Data Protection Regulation) mean you need to be extra vigilant when it comes to requesting information. The rules for lawful consent are much tougher than in the past, and savvy data subjects will be bound to query anything that seems suspicious.  You can be sure your data processing activities meet the GDPR’s consent … [Read more...]

IT Governance Europe to speak about the GDPR, and transfers post-Brexit at Refresh Boyne event

Alice Turley, a GDPR consultant at IT Governance Europe, will take to the stage at the next Refresh Boyne event in Drogheda to talk about the impact of the GDPR one year on and how organisations can adequately protect their data transfers post-Brexit.   Alice, who is a qualified data protection, compliance and … [Read more...]

Ireland’s DPC investigates Facebook over password breach

Ireland’s DPC (Data Protection Commission) has launched a statutory inquiry into Facebook following the disclosure of a data breach affecting millions of users.  The social media giant announced in March that a routine security review at the beginning of the year found millions of user passwords stored in plaintext on … [Read more...]

Have experts been giving us bad advice for creating passwords?

For all the complexities of information security, the biggest vulnerability is an issue that seems easy to fix: poor passwords. The 2018 Verizon Data Breach Investigations Report found that password-cracking played a part in 81% of data breaches.  That’s not a surprise when so many of us exercise dire password … [Read more...]

What are the 6 data protection principles of the GDPR?

A version of this blog was originally published 31 January 2018.  The GDPR (General Data Protection Regulation) outlines six principles that organisations must follow when collecting, processing and storing individuals’ personal data. Data controllers are responsible for complying with those principles, and they must have documented proof of how the organisation is meeting … [Read more...]

10 steps to GDPR compliance: How prepared are you?

This blog has been updated to reflect industry changes. Originally published 16 October 2017.  It’s not too late to comply with the GDPR (General Data Protection Regulation). The Regulation might have come into effect last year, but it’s requirements need to be regularly reviewed. As such, it doesn’t matter what your compliance posture was six months or a year … [Read more...]