dcsimg

The GDPR: How the right to be forgotten affects backups

The GDPR (General Data Protection Regulation) is a big, complex law, and, as it’s only natural that some elements appear to contradict each other.  One of those apparent contradictions involves arguably the most notorious aspect of the GDPR: the right to erasure (also known as the ‘right to be forgotten’).  This right – one of eight enshrined in the GDPR – allows individuals to request that … [Read more...]

How does the GDPR affect sole traders?

Almost all EU-based organisations are affected by the GDPR (General Data Protection Regulation), from sole traders to multinationals.  But even though the GDPR unifies data protection rules across Europe, not all businesses will face the same problems. We’ve covered many of the issues you’re likely to face, but this blog focuses on the way sole traders should approach their compliance … [Read more...]

The GDPR has led to a spike in DSARs (data subject access requests)

Depending on who you ask, the GDPR (General Data Protection Regulation) has either overhauled the way organisations handle personal data or it’s a complex and ultimately pointless piece of bureaucracy.  Fortunately, the number of people in the latter camp has shrunk in the past year or so, as the GDPR has proven to have a tangible effect on business. And we’re not just talking about fines, both … [Read more...]

How to become a data protection officer

As you might have expected, the GDPR (General Data Protection Regulation) has created a spike in demand for data protection and privacy experts. Organisations are desperate to hire people who can guide them towards regulatory compliance and avoid large fines.  For many organisations, this isn’t just a wish; they are legally required to find such a person and appoint them as a DPO (data protection … [Read more...]

The GDPR: Why you need to review your third-party service providers’ security

Organisations share personal data with third parties all the time, but can they be trusted?  The GDPR (General Data Protection Regulation) extended the scope of responsibility when it comes to data protection and privacy, so where does that leave you when it comes to security incidents caused by service providers?    How third-party relationships work under the GDPR Before we begin, let’s be … [Read more...]

Identify your GDPR compliance gaps

In 2018, the number of data breaches almost tripled compared to the previous year. In just the first six months of this year, the number of data breaches has tripled again.  With data breaches on the rise, and Microsoft and WhatsApp recently proving that even the most high-profile organisations can fall victim, compliance with the GDPR (General Data Protection Regulation) is more important than … [Read more...]

The DPO role and why you should consider outsourcing it

Under the EU GDPR (General Data Protection Regulation), which came into force on 25 May 2018, certain organisations are required to appoint a DPO (data protection officer). An organisation is required to appoint a designated DPO where it is a public authority or body, or where its core activities consist of either: Data processing operations that require regular and systematic monitoring of data … [Read more...]

What am I supposed to do with all these privacy policy emails?

Society doesn’t tend to agree on much, but late last week hundreds of millions of people were united by the question: “What’s with all these emails about updated privacy policies?” The flurry of messages led to many jokes and memes, but lost among the humour was the reason for this torrent of emails. It wasn’t just an amazing coincidence that every organisation you’ve ever visited updated its … [Read more...]

How to meet the GDPR’s transparency requirements

The Article 29 Working Party (WP29) has released guidance to help organisations comply with the transparency requirements of the EU General Data Protection Regulation (GDPR).  The WP29 is an advisory body comprising representatives from each EU member state, and has produced numerous reports and advice on the GDPR.  Transparency is an overarching obligation under the Regulation, applying to the … [Read more...]