dcsimg

Think you’re GDPR compliant? Think again.

Organizations have had two years to make the policy and procedural changes required to be in compliance with its requirements, and it seems as if that’s been all that many companies have been focused on as the deadline approached. … [Read more...]

The DPO role and why you should consider outsourcing it

Under the EU GDPR (General Data Protection Regulation), which came into force on 25 May 2018, certain organisations are required to appoint a DPO (data protection officer). An organisation is required to appoint a designated DPO where it is a public authority or body, or where its core activities consist of either: Data processing operations that require regular and systematic monitoring of data … [Read more...]

52% of web applications contain high-severity vulnerabilities

A new study has highlighted the poor state of web application security. Positive Technologies tested various web applications, and found that every single one contained vulnerabilities, with 52% containing high-severity weaknesses.  The Web Application Vulnerabilities report also found that:  48% of tested applications are vulnerable to unauthorised access;  44% of applications placed personal … [Read more...]

Could your supply chain derail your GDPR compliance efforts?

Last week we reported on the Ticketmaster breach, which might have affected Irish customers. This breach was caused by malicious software located on a customer support product hosted by an external third-party supplier, Inbenta Technologies. Since the breach was announced by Ticketmaster on 23 June, it has emerged that the company may have been warned about the breach as far back as April, … [Read more...]

Norwegian study finds Google and Facebook manipulate users to share data despite GDPR

A recent study by the Norwegian government has found that Facebook and Google push users to share private information by using “invasive” and limited default options. The Norwegian Consumer Council’s Deceived By Design report suggests that the tech giants’ privacy updates clash with the new GDPR (General Data Protection Regulation). In a statement, the council’s director of digital services, … [Read more...]

Swedish Data Inspectorate begins first reviews under the GDPR

  The Data Inspectorate of Sweden has begun its first reviews under the GDPR (General Data Protection Regulation) to ascertain whether authorities and companies that are obliged to appoint a DPO (data protection officer) have done so. Those being examined operate in the private healthcare, insurance and financial sectors. Jonas Agnvall, a lawyer at the Data Inspectorate who is heading the … [Read more...]

Ticketmaster Ireland informs customers of a possible data breach

Ticketmaster Ireland has informed customers about a potential data breach that may have compromised their personal and payment details. Users who purchased tickets from the site between February and June of this year may be affected. “On Saturday, June 23, 2018, Ticketmaster UK identified malicious software on a customer support product hosted by Inbenta Technologies, an external third-party … [Read more...]

How to maintain GDPR compliance when using Google Analytics

News coverage of the EU General Data Protection Regulation (GDPR) has eased since it took effect on 25 May 2018, but that’s no indication of organisations’ level of compliance. Many are still struggling to understand the GDPR, and looking for advice wherever they can get it.  Webmasters are among those most in need of help. They process a lot of personal information, and often rely on third … [Read more...]

How to register a DPO in Ireland

Under the EU General Data Protection Regulation (GDPR), which came into force on 25 May 2018, certain organisations are required to appoint a data protection officer (DPO). These organisations must register the details of their DPO with their relevant supervisory authority. Registering a DPO in Ireland In Ireland, the Office of the Data Protection Commissioner (DPC) has released an online … [Read more...]

Auditing your GDPR compliance

The EU General Data Protection Regulation (GDPR) has imposed many new obligations on organisations that process EU residents’ personal data. An audit will assess whether your organisation is meeting these obligations.  However, before an external auditor assesses the measures you’ve taken to comply with the Regulation, it’s worth conducting an internal audit to review whether your controls, … [Read more...]