dcsimg

How to respond to a data breach

Under the EU GDPR (General Data Protection Regulation), organisations must report personal data breaches to their supervisory authority within 72 hours of discovering or becoming aware of it. You might think that’s an impossibly short deadline, but don’t fear, you’re not expected to provide a comprehensive report at this stage. The process is simply to ensure that organisations are aware of … [Read more...]

Are you #BreachReady?

It seems like we hear about yet another data breach on a daily basis, with recognised companies such as Ticketmaster and Dixons Carphone – to name but a few – suffering at the hands of criminal hackers. If you think it only happens to large organisations, think again Since the EU’s GDPR (General Data Protection Regulation) came into effect in May, the DPC (Data Protection Commissioner) has dealt … [Read more...]

Finding the right candidate to be your DPO

Complying with the EU GDPR (General Data Protection Regulation) is mostly about hard work and organisation, but there’s also a little bit of luck involved – at least when it comes to appointing a DPO (data protection officer). The position, which is mandatory for many organisations under the GDPR, has caused a massive spike in demand for data protection experts. Unless the perfect candidate falls … [Read more...]

The top cyber security trends of 2018 so far

There have been more than 600 data breaches this year, so people who want to pick out the most serious incidents have plenty to choose from. It’s not simply a case of finding the breaches involving the highest number of stolen records, because a breach compromising names and email addresses isn’t the same as a breach compromising payment card information. Besides, infrastructural damage and … [Read more...]

Who requires a DPO?

As of 25 May 2018, the EU GDPR (General Data Protection Regulation) is the primary piece of legislation governing data protection. The requirement for Irish organisations to register their data processing activities with the DPC (Data Protection Commission), which existed under the previous regime, no longer applies. However, under the GDPR, certain organisations are required to appoint a DPO … [Read more...]

The DPO role and why you should consider outsourcing it

Under the EU GDPR (General Data Protection Regulation), which came into force on 25 May 2018, certain organisations are required to appoint a DPO (data protection officer). An organisation is required to appoint a designated DPO where it is a public authority or body, or where its core activities consist of either: Data processing operations that require regular and systematic monitoring of data … [Read more...]

Could your supply chain derail your GDPR compliance efforts?

Last week we reported on the Ticketmaster breach, which might have affected Irish customers. This breach was caused by malicious software located on a customer support product hosted by an external third-party supplier, Inbenta Technologies. Since the breach was announced by Ticketmaster on 23 June, it has emerged that the company may have been warned about the breach as far back as April, … [Read more...]

Norwegian study finds Google and Facebook manipulate users to share data despite GDPR

A recent study by the Norwegian government has found that Facebook and Google push users to share private information by using “invasive” and limited default options. The Norwegian Consumer Council’s Deceived By Design report suggests that the tech giants’ privacy updates clash with the new GDPR (General Data Protection Regulation). In a statement, the council’s director of digital services, … [Read more...]

Swedish Data Inspectorate begins first reviews under the GDPR

  The Data Inspectorate of Sweden has begun its first reviews under the GDPR (General Data Protection Regulation) to ascertain whether authorities and companies that are obliged to appoint a DPO (data protection officer) have done so. Those being examined operate in the private healthcare, insurance and financial sectors. Jonas Agnvall, a lawyer at the Data Inspectorate who is heading the … [Read more...]

Ticketmaster Ireland informs customers of a possible data breach

Ticketmaster Ireland has informed customers about a potential data breach that may have compromised their personal and payment details. Users who purchased tickets from the site between February and June of this year may be affected. “On Saturday, June 23, 2018, Ticketmaster UK identified malicious software on a customer support product hosted by Inbenta Technologies, an external third-party … [Read more...]