dcsimg

How does the GDPR affect sole traders?

Almost all EU-based organisations are affected by the GDPR (General Data Protection Regulation), from sole traders to multinationals.  But even though the GDPR unifies data protection rules across Europe, not all businesses will face the same problems. We’ve covered many of the issues you’re likely to face, but this blog focuses on the way sole traders should approach their compliance … [Read more...]

Data Protection and the risks associated with the Cloud

This book is intended to be an introduction to the risks involved in Cloud sourcing, to enable managers to ask the right questions. Suggestions are offered for the kind of risks an organisation’s use of the Cloud might generate, and the remedial measures that might be taken. These are given as examples only and are not intended to be a substitute for qualified legal or technical advice. Other … [Read more...]

The GDPR has led to a spike in DSARs (data subject access requests)

Depending on who you ask, the GDPR (General Data Protection Regulation) has either overhauled the way organisations handle personal data or it’s a complex and ultimately pointless piece of bureaucracy.  Fortunately, the number of people in the latter camp has shrunk in the past year or so, as the GDPR has proven to have a tangible effect on business. And we’re not just talking about fines, both … [Read more...]

Ransomware Protection Tips

You hope that your systems never get attacked by Ransomware, but in case you do, you want to be prepared. One of the best ways to recover from such a malicious attack is to ensure you keep good and recent backups of your systems. But even with that, you can only recover back to the last known good backup. What about the files worked on since that last good backup? To fully recover from a … [Read more...]

How EU organisations’ GDPR requirements will change in a no-deal Brexit scenario

We’re now, once again, on the precipice Brexit, and as the deadline nears, you’ll see more stories appear about how EU-based organisations will be affected by the UK’s departure from the EU.  European organisations with ties to the UK are particularly concerned about the ramifications of the GDPR (General Data Protection Regulation). With the UK’s EU status up in the air, organisations must … [Read more...]

Google wins landmark ruling on the ‘right to be forgotten’

A landmark ruling by the ECJ (European Court of Justice) says that Google does not have to apply the ‘right to be forgotten’ globally.  The case goes back to 2015 when the French data protection authority (CNIL) ruled that Google must remove damaging or false information from the search engine when the ‘right to be forgotten’ is requested. Google was also fined €100,000 for failing to apply … [Read more...]

Polish data protection authority issues €645,000 fine to online retailer

Poland’s Personal Data Protection Office (UODO) this week imposed a PLN 2.8 million (€645,000) fine on online retailer Morele.net for “insufficient organisational and technical safeguards”.  The data breach affected approximately 2.2 million customers who purchased products through one of the group’s nine websites.   The extent of the data breach The leaked data included names, telephone … [Read more...]

A compliance checklist for the 12 requirements of the PCI DSS

Any organisation that stores, processes or transmits payment card data must comply with the PCI DSS (Payment Card Industry Data Security Standard).  The Standard contains 12 requirements, which we’ll run through in this blog along with an overview of the steps you should complete to meet each one.   1. Install and maintain a firewall configuration to protect cardholder data Firewalls control … [Read more...]

DPC concludes Public Services Card investigation

This week, Ireland’s DPC (Data Protection Commission) released the findings of its investigation into the controversial PSC (Public Services Card).  What is the PSC? The PSC was introduced as part of a social welfare pilot scheme in 2011. It displays the holder’s full name, PPS (Personal Public Service) number, signature and photograph.   The card was initially required for social welfare … [Read more...]

How will a no-deal Brexit affect data transfers between Ireland and the UK?

With the UK once again on the precipice of Brexit, organisations across Ireland remain shackled by uncertainty. There is still no clear picture on what Brexit will look like, and fundamental issues, like whether the UK will strike a formal agreement with the EU before it leaves, are up in the air.  The prospect of a no-deal has increased since Boris Johnson became prime minister, but experts still … [Read more...]