Charities and the GDPR

I’ve had a few conversations with third sector organisations recently about preparing for the GDPR coming into force in May next year. Some of the responses I’ve been getting are a little concerning given the nature of the work that some of them do and the increasing...

Equifax Suffer Massive Data Breach

A statement from Rick Smith, CEO of #Equifax, about a massive 143 million customer data breach (link below). UK customers have been affected as well as US and Canadian residents. This breach occurred in mid-May this year and we are only just hearing about it. The #GDPR...

Disasters Are Like Buses

There is a saying that you can wait ages for a bus and then three come along at once. This can be true of disasters as well. The story goes like this… In an office on a small business estate there once was a company that specialised in installing high availability...

Head In The Clouds

Small businesses that run applications in ‘the cloud’, also known as SaaS (Software as a Service), are becoming increasingly complacent with regard to data security. There are a lot of claims made by SaaS providers about how safe and secure the systems are...

Insider Threats

In this article I want to talk about a very real but often overlooked threat to a whole gamut of information protection issues – people. When we consider the arena of information protection it is all too easy to get drawn into the world of IT systems and cyber-crime....

GDPR – To DPO or Not To DPO

Who needs a DPO and what do they do? This Bite is about the role and requirements of a DPO – that’s a Data Protection Officer. The role and duties of a data protection officer are varied – it is an interesting and challenging job. Within the scope of Article 39 of the...

GDPR – Processing Security

In this short article, I’m going to talk a bit about security of personal data and how the GDPR defines security. The requirements fall under Article 32 of the regulation. This is one of the areas of the regulation where decisions need to be made based upon the...

GDPR – Some Hard Facts

1. Brexit: Many business owners are assuming that, because the UK has voted to leave the European Union – especially since Article 50 was triggered, making this formal – the GDPR will no longer need to be implemented. This is not the case. The ICO have indicated...

GDPR – Privacy by Design & Privacy by Default

Whenever you read or hear information about the GDPR, you will most likely come across the terms Privacy by Design, and Privacy by Default. They are set out in article 25 of the regulation and they are a way of ensuring data protection becomes a consideration of...

GDPR – Am I legally processing personal data?

To comply with GDPR Articles 5 and 6, you need to have a ‘legal basis’ for the collection, storage and processing of personal data. There are some fundamental ways to demonstrate a legal basis for the collection and processing of such data: You have...