dcsimg

Data breach costs Netherlands hospital €460,000

Haga Hospital, based in the Netherlands, was this week fined €460,000 by the Dutch data protection authority (AP) for breaching the GDPR (General Data Protection Regulation).   Haga was investigated by the AP after 85 hospital employees had access to the medical records of Samantha de Jong, AKA Barbie, a well–known Dutch reality TV star.   In addition to the fine, Haga must improve the … [Read more...]

Apple hit with third DPC enquiry

Ireland’s DPC (Data Protection Commissioner) has launched a third investigation into Apple’s GDPR (General Data Protection Regulation) compliance.  The investigation will examine the tech giant’s compliance with the relevant GDPR provisions in relation to a customer’s DSAR (data subject access request). It follows two investigations opened last year into Apple’s processing of personal data and … [Read more...]

Should you take a GDPR or DPO training course?

The introduction of the GDPR (General Data Protection Regulation) has led to a surge in interest in data protection training courses.  Education is particularly important for anyone taking on the responsibilities of the DPO (data protection officer), a position that’s become a formal requirement for many organisations.  But how should you pursue training? Should you enrol on a DPO training … [Read more...]

How the GDPR affects CCTV and workplace monitoring

Did you know that the GDPR (General Data Protection Regulation) doesn’t just apply to basic information like names and addresses, but also to information about people’s habits and movements?  This means that things like having CCTV and monitoring employees’ browsing activities are covered by the Regulation.  However, that doesn’t mean you can no longer put up cameras or track your employees; it … [Read more...]

British Airways fine could be the start of GDPR tidal wave

Earlier this week, the ICO (Information Commissioner’s Office), the UK’s data protection authority, announced that it would be fining British Airways £183.4 million (about €204 million) for a data breach that occurred last year.  The incident, which affected 500,000 customers, involved a sophisticated attack in which criminals diverted traffic from British Airways’ website to a bogus replica, … [Read more...]

The UK’s iCO is Handing Out GDPR Fines Like Candy

In the past week, British Airways and Marriott Hotels have been hit with a combined $350 million in fines. … [Read more...]

What should a US federal data privacy law ideally include?

In the constant David-and-Goliath struggle between digital privacy advocates and corporate privacy invaders, the question of how to legally protect Americans with a comprehensive, federal data privacy law provides conflicting answers. Advocates want protections, which Big Tech interprets as restrictions. As of today, there is no one digital privacy law to rule them all. While a few state laws … [Read more...]

GDPR in Ireland – the facts and figures

In this excerpt from GDPR – One Year On, Alice Turley discusses the impact of the GDPR (General Data Protection Regulation) in Ireland.    Data breach notifications in Ireland  Figures from the DPC’s (Data Protection Commission) first annual report show that a total of 4,740 valid data breach notifications were received in 2018. This is a 70% increase on the 2017 figure of 2,795.  There … [Read more...]

Identify your GDPR compliance gaps

In 2018, the number of data breaches almost tripled compared to the previous year. In just the first six months of this year, the number of data breaches has tripled again.  With data breaches on the rise, and Microsoft and WhatsApp recently proving that even the most high-profile organisations can fall victim, compliance with the GDPR (General Data Protection Regulation) is more important than … [Read more...]

From pandemonium to fines – a review of GDPR enforcement in Europe

Do you remember the Y2K bug in the run-up to the new millennium? Warnings that computer systems and networks would stop functioning on 1 January 2000 led to panic and pandemonium as people prepared for its impact.   In some ways, the introduction of the GDPR (General Data Protection Regulation) was reminiscent of the Y2K scare.  Despite the two-year transition period, a lot of organisations left … [Read more...]