dcsimg

How does the GDPR affect sole traders?

Almost all EU-based organisations are affected by the GDPR (General Data Protection Regulation), from sole traders to multinationals.  But even though the GDPR unifies data protection rules across Europe, not all businesses will face the same problems. We’ve covered many of the issues you’re likely to face, but this blog focuses on the way sole traders should approach their compliance … [Read more...]

How will a no-deal Brexit affect data transfers between Ireland and the UK?

With the UK once again on the precipice of Brexit, organisations across Ireland remain shackled by uncertainty. There is still no clear picture on what Brexit will look like, and fundamental issues, like whether the UK will strike a formal agreement with the EU before it leaves, are up in the air.  The prospect of a no-deal has increased since Boris Johnson became prime minister, but experts still … [Read more...]

Cyber attacks and data breaches in review: July 2019

July 2019 was one of the worst months ever from a cyber security perspective. With incidents like the massive breach at the Chinese tech supplier Orvibo and another leaked database filled with Evite customers’ personal details, the second half of the year began with a mammoth 2,226,042,039 breached records.  You can see a full breakdown of those breaches on our sister site, IT Governance UK. In … [Read more...]

How to become a data protection officer

As you might have expected, the GDPR (General Data Protection Regulation) has created a spike in demand for data protection and privacy experts. Organisations are desperate to hire people who can guide them towards regulatory compliance and avoid large fines.  For many organisations, this isn’t just a wish; they are legally required to find such a person and appoint them as a DPO (data protection … [Read more...]

How the GDPR affects CCTV and workplace monitoring

Did you know that the GDPR (General Data Protection Regulation) doesn’t just apply to basic information like names and addresses, but also to information about people’s habits and movements?  This means that things like having CCTV and monitoring employees’ browsing activities are covered by the Regulation.  However, that doesn’t mean you can no longer put up cameras or track your employees; it … [Read more...]

GDPR in Ireland – the facts and figures

In this excerpt from GDPR – One Year On, Alice Turley discusses the impact of the GDPR (General Data Protection Regulation) in Ireland.    Data breach notifications in Ireland  Figures from the DPC’s (Data Protection Commission) first annual report show that a total of 4,740 valid data breach notifications were received in 2018. This is a 70% increase on the 2017 figure of 2,795.  There … [Read more...]

Why your organisation needs a privacy notice

Your organisation must create and circulate a privacy notice. It’s a document given to data subjects explaining how their personal data is being collected and used.  Any organisation that’s subject to the GDPR (General Data Protection Regulation) is required to have a privacy policy, as it helps them comply with two of Regulation’s core principles.  First, it promotes … [Read more...]

Things to consider when processing biometric data

Biometric data is being used in countless systems these days. If you’ve ever used your fingerprint scan to unlock your phone or facial recognition software, then your biometric data is being processed.  But like any form of data, biometrics – i.e. information relating to individual’s physical, physiological or behavioural characteristics – are potentially accessible by malicious sources, and the … [Read more...]

An overview of the GDPR with Alice Turley, data protection expert

The GDPR (General Data Protection Regulation), which came into effect on 25 May 2018, places obligations on organisations to be more accountable for data protection.   What is personal data?  Personal data is any information relating to an identified or identifiable natural person (data subject). The GDPR places much stronger controls on the processing of special categories of personal data … [Read more...]

The GDPR: How to respond to data subject access requests

The introduction of the GDPR (General Data Protection Regulation) requires all organisations within its scope to give data subjects the right to review the personal data being held on them.  Individuals can make this request by submitting a DSAR (data subject access request), which organisations must respond to by providing:  Confirmation that the individual’s data is being processed.  Access to … [Read more...]