DATE May 10, 2018 12:33 pm POSTED BY CATEGORY Critical National Infrastructure

Protecting our national infrastructure with the NIS Regulations

The NIS Directive has come into force in the UK today, in the form of The Network and Information Systems Regulations 2018. The Regulations are designed to protect our nation’s critical infrastructure, such as power and telecommunications. Organisations that operate ‘Essential Services’ are now legally required to introduce robust safeguards...
View Article »
DATE February 1, 2018 4:51 pm POSTED BY CATEGORY Blog

Brexit may lead to greater restrictions on the transfer of personal data from the EU to the UK. UK organisations will need to be prepared.

When the UK leaves the EU on 29th March 2019 the GDPR will already have become law in every other EU member state. The regulations governing the international transfers of personal data are set out in Chapter V of the GDPR. It stipulates that, for the purposes of data transfers...
View Article »
DATE February 1, 2018 4:39 pm POSTED BY CATEGORY Blog

Data Breach Compensation: The New PPI?

The decision in the High Court relating to the theft and publishing of the supermarket giant Morrison’s payroll data by a rogue employee throws up interesting points about liability in the event of data loss. In December 2017 Mr Justice Langstaff ruled that the technical and organisational controls in place...
View Article »
DATE October 2, 2017 2:58 pm POSTED BY CATEGORY Blog

Data Processors wake up to the GDPR

We undertook a GDPR impact assessment for a large data processor recently and I thought it might be worth sharing our findings and thoughts.  Not surprisingly we identified three sources of threat: a processor’s suppliers, their customers, and their ability to meet their own responsibilities set out in the GDPR....
View Article »
DATE September 8, 2017 7:34 am POSTED BY CATEGORY Blog

Is GDPR really an IT problem?

Owing to the word “data” in the Data Protection Act, and due to the lack of teeth and importance that data protection has historically been afforded, for the large majority of clients we have worked it is the IT team who have been tasked with ensuring an organisation is compliant...
View Article »
DATE August 27, 2017 6:47 am POSTED BY CATEGORY GDPR

Legitimate Interests and e-mail direct marketing

By Philip Brining, Consulting Director of Data Protection People. I have been asked several times over the summer to comment on various suggestions that it will be possible to rely on legitimate interests as the legal basis for direct marketing post May 2018 under the General Data Protection Regulation.  However,...
View Article »
DATE February 20, 2017 12:42 pm POSTED BY CATEGORY Blog

Preparing for the GDPR in Social Housing

As the 25th May 2018 edges closer and closer, we here at Data Protection People have been busy making sure that everyone is up to speed and in the midst of getting fully compliant with the GDPR. One major event occurring the last day of January saw us open up...
View Article »
DATE January 20, 2017 4:07 pm POSTED BY CATEGORY Blog

Three weeks in at the Data Protection People

Liam Fitzpatrick started with Data Protection People on January 5th after finishing his Undergraduate degree in Law at the University of Warwick joining at an exciting time of business expansion on a rapid development program. (PB) In my last blog I wrote about my first week working for the Data...
View Article »