What am I supposed to do with all these privacy policy emails?

Society doesn’t tend to agree on much, but late last week hundreds of millions of people were united by the question: “What’s with all these emails about updated privacy policies?” The flurry of messages led to many jokes and memes, but lost among the humour was the reason for this torrent of emails. It wasn’t just an amazing coincidence that every organisation you’ve ever visited updated its … [Read more...]

Is your HR department ready for the GDPR?

HR departments deal with personal data daily, so the introduction of the EU General Data Protection Regulation (GDPR) will have a big effect. Staff will need to follow different processes for collecting and storing personal data, and learn how to comply with individuals’ strengthened rights. For example, under the GDPR, organisations need to inform data subjects of their rights to access any … [Read more...]

3 GDPR compliance traps to watch out for

Anyone in the process of complying with the EU General Data Protection Regulation (GDPR) will know that it’s hard work. Misinterpreting the GDPR can cause organisations to waste time and effort on ineffective measures, and unless they spot their mistake, they could be subject to disciplinary action. This blog outlines some of the mistakes organisations make when preparing for the GDPR, and … [Read more...]

The GDPR: Why you need to adopt the principles of privacy by design

The EU General Data Protection Regulation (GDPR) requires organisations to adopt the principles of “privacy by design and by default”. These concepts require organisations to embed security measures into their systems at the outset, rather than applying features retroactively. It should be applied whenever an organisation: Builds a new IT system for storing or accessing personal data; Develops … [Read more...]

The GDPR: Understanding the 6 data protection principles

The EU General Data Protection Regulation (GDPR) outlines six data protection principles that organisations need to follow when collecting, processing and storing individuals’ personal data. The data controller is responsible for complying with the principles and must be able to demonstrate the organisation’s compliance practices. We’ve listed the six principles here with advice on how you can … [Read more...]