dcsimg
July 17, 2019

Data breach costs Netherlands hospital €460,000

Haga Hospital, based in the Netherlands, was this week fined €460,000 by the Dutch data protection authority (AP) for breaching the GDPR (General Data Protection Regulation).   Haga was investigated by the AP after 85 hospital employees had access to the medical records of Samantha de Jong, AKA Barbie, a well–known Dutch reality TV star.   In addition to the fine, Haga must improve the … [Read more...]

Filed Under: breach, Breaches and Hacks, cyber breach, data breach, data breach notification, data breaches, Data Protection, eu general data protection, eu general data protection regulation, GDPR, GDPR Breach, general data protection regulation
July 11, 2019

British Airways fine could be the start of GDPR tidal wave

Earlier this week, the ICO (Information Commissioner’s Office), the UK’s data protection authority, announced that it would be fining British Airways £183.4 million (about €204 million) for a data breach that occurred last year.  The incident, which affected 500,000 customers, involved a sophisticated attack in which criminals diverted traffic from British Airways’ website to a bogus replica, … [Read more...]

Filed Under: Comply with the GDPR, data, data breach, data breach notification, data breaches, Data Protection, Data Security, EU GDPR, eu general data protection regulation, fines GDPR, GDPR, GDPR Breach, gdpr compliance, GDPR consent, Irish Blogs
June 20, 2019

Things to consider when processing biometric data

Biometric data is being used in countless systems these days. If you’ve ever used your fingerprint scan to unlock your phone or facial recognition software, then your biometric data is being processed.  But like any form of data, biometrics – i.e. information relating to individual’s physical, physiological or behavioural characteristics – are potentially accessible by malicious sources, and the … [Read more...]

Filed Under: biometric data, data, Data Protection, Data Protection Act, Data Protection Bill, data protection commissioner, data protection principles GDPR, EU GDPR, eu general data protection, eu general data protection regulation, GDPR, gdpr awareness, gdpr compliance, GDPR consent, GDPR documentation, general data protection regulation
May 17, 2019

WhatApp users urged to update app after serious security vulnerability discovered

WhatsApp, the messaging app owned by Facebook, confirmed a serious security vulnerability in its system on Monday, 13 May that left users open to spyware installations on their phone.   The breach, affecting both iOS and Android users, enabled the software to be installed through voice calls, even if the call wasn’t picked up. In some cases, the call was removed from the call log, so the missed … [Read more...]

Filed Under: Breaches and Hacks, data breach, data breach notification, data breaches, eu general data protection, eu general data protection regulation, GDPR, general data protection regulation
May 3, 2019

Ireland’s DPC investigates Facebook over password breach

Ireland’s DPC (Data Protection Commission) has launched a statutory inquiry into Facebook following the disclosure of a data breach affecting millions of users.  The social media giant announced in March that a routine security review at the beginning of the year found millions of user passwords stored in plaintext on … [Read more...]

Filed Under: Breaches and Hacks, data breach, data breaches, Data Protection, data protection commissioner, data protection principles GDPR, eu general data protection regulation, facebook, GDPR, GDPR Breach, general data protection regulation
May 1, 2019

Hospital patients’ medical notes found on Drogheda estate

Hospital notes on patients who attended Our Lady of Lourdes Hospital in Drogheda, Co. Louth were discovered on a housing estate earlier this week.  The doctor handover notes, detailing the dates of birth, family situations, medical conditions and hospital wards attended of ten patients who visited the hospital’s emergency … [Read more...]

Filed Under: Breaches and Hacks, data breach, data breach notification, data breaches, data protection commissioner, eu general data protection, eu general data protection regulation, GDPR, GDPR Breach, gdpr compliance, general data protection regulation
April 18, 2019

What are the 6 data protection principles of the GDPR?

A version of this blog was originally published 31 January 2018.  The GDPR (General Data Protection Regulation) outlines six principles that organisations must follow when collecting, processing and storing individuals’ personal data. Data controllers are responsible for complying with those principles, and they must have documented proof of how the organisation is meeting … [Read more...]

Filed Under: cyber regulations, data processing, data protection principles GDPR, Data Security, eu general data protection, eu general data protection regulation, GDPR, gdpr compliance, gdpr explained, gdpr guidance, GDPR resources, general data protection regulation
April 16, 2019

10 steps to GDPR compliance: How prepared are you?

This blog has been updated to reflect industry changes. Originally published 16 October 2017.  It’s not too late to comply with the GDPR (General Data Protection Regulation). The Regulation might have come into effect last year, but it’s requirements need to be regularly reviewed. As such, it doesn’t matter what your compliance posture was six months or a year … [Read more...]

Filed Under: data processing, Data Protection, Data Protection Act, data protection principles GDPR, Data Security, eu general data protection, eu general data protection regulation, GDPR, gdpr compliance, GDPR resources, GDPR training, general data protection regulation
April 2, 2019

How the GDPR affects cookie policies

Updated to reflect developments since the GDPR took effect. Originally published on 15 September 2017.  Cookies are mentioned only once in the GDPR (General Data Protection Regulation), but the repercussions are significant for any organisation that uses them to track users’ browsing activity.  Recital 30 of the GDPR states:  “Natural persons may be associated with … [Read more...]

Filed Under: cookie policy, Cookies Compliance, Cookies law, Data Protection, Data Security, eu general data protection, eu general data protection regulation, GDPR, gdpr compliance, gdpr guidance, general data protection regulation
February 28, 2019

How will a no-deal Brexit affect EU data transfers?

With Brexit day fast-approaching and the UK and EU in negotiation deadlock, it’s time for organisations to work under the assumption that a formal withdrawal agreement won’t be in place by 29 March 2019.  This will be hard work for many of your business activities, but things are surprisingly straightforward regarding personal data … [Read more...]

Filed Under: Brexit, Data Protection, Data Security, eu general data protection regulation, GDPR, gdpr compliance, general data protection regulation
Next Page »