dcsimg

How does the GDPR affect sole traders?

Almost all EU-based organisations are affected by the GDPR (General Data Protection Regulation), from sole traders to multinationals.  But even though the GDPR unifies data protection rules across Europe, not all businesses will face the same problems. We’ve covered many of the issues you’re likely to face, but this blog focuses on the way sole traders should approach their compliance … [Read more...]

The GDPR has led to a spike in DSARs (data subject access requests)

Depending on who you ask, the GDPR (General Data Protection Regulation) has either overhauled the way organisations handle personal data or it’s a complex and ultimately pointless piece of bureaucracy.  Fortunately, the number of people in the latter camp has shrunk in the past year or so, as the GDPR has proven to have a tangible effect on business. And we’re not just talking about fines, both … [Read more...]

Google wins landmark ruling on the ‘right to be forgotten’

A landmark ruling by the ECJ (European Court of Justice) says that Google does not have to apply the ‘right to be forgotten’ globally.  The case goes back to 2015 when the French data protection authority (CNIL) ruled that Google must remove damaging or false information from the search engine when the ‘right to be forgotten’ is requested. Google was also fined €100,000 for failing to apply … [Read more...]

Does your organisation’s data protection policy comply with the GDPR?

The introduction of the GDPR (General Data Protection Regulation) has meant that organisations across Europe must be a lot more rigorous about the way they handle people’s personal data.  One of the most important steps is to create a data protection policy to make sure employees know exactly what they should and shouldn’t do when processing or storing sensitive information.    What a data … [Read more...]

Is your organisation’s privacy notice GDPR compliant?

If your organisation is subject to the GDPR (General Data Protection Regulation), you must create and distribute a privacy notice.  This document ensures that individuals are aware of the way their personal data is processed, helping them understand what data is being collected, why and how it’s being used, and how long it will be kept.  But there are several other reasons organisations should … [Read more...]

How to write a GDPR data breach notification procedure

Documenting your GDPR compliance can be tough, but a little guidance and access to documentation templates can make things much easier.  The documentation process is one of the most important parts of GDPR (General Data Protection Regulation) compliance. What you write dictates the way you approach security and privacy, and any mistakes will set you up for failure when those documents are called … [Read more...]

DPC concludes Public Services Card investigation

This week, Ireland’s DPC (Data Protection Commission) released the findings of its investigation into the controversial PSC (Public Services Card).  What is the PSC? The PSC was introduced as part of a social welfare pilot scheme in 2011. It displays the holder’s full name, PPS (Personal Public Service) number, signature and photograph.   The card was initially required for social welfare … [Read more...]

How will a no-deal Brexit affect data transfers between Ireland and the UK?

With the UK once again on the precipice of Brexit, organisations across Ireland remain shackled by uncertainty. There is still no clear picture on what Brexit will look like, and fundamental issues, like whether the UK will strike a formal agreement with the EU before it leaves, are up in the air.  The prospect of a no-deal has increased since Boris Johnson became prime minister, but experts still … [Read more...]

What is ISO 27001 and why should your organisation adopt it?

If you’re considering implementing ISO 27001, the international standard for information security, you’ve probably heard experts like us talk about the benefits.  But what exactly does the Standard do, and how does it help your organisation? This blog will answer both those questions.    What is ISO 27001?  ISO 27001 is the international standard that describes best practice for an ISMS … [Read more...]

GDPR – maintaining compliance and Brexit

In our final blog, GDPR – One Year On, Alice Turley examines the impact of the GDPR maintaining compliance with the Regulation, and the effect of Brexit on the Regulation.     Key messages from the DPC The Association of Compliance Officers in Ireland held a conference on 31 March 2019 focusing on data breach notifications and risk assessments. Among those speaking was Niall Cavanagh, … [Read more...]