DATE October 27, 2020 12:22 pm
POSTED BY Myles Dacres
CATEGORY
Blog
The right of access is a fundamental right under data protection law. And it has never been more necessary. In a world where personal data is used almost everywhere – by everyone – it is vital that people have the right to be able to find out what’s happening to...
View Article »
DATE October 23, 2020 11:53 am
POSTED BY Myles Dacres
CATEGORY
Blog
The Outsourced DPO has taken one or two exams over the years and last week had to sit the PCI DSS QSA requalification exam: an annual requirement. This is one of the features of the DSS that is class-leading – the requirement to undertake at least 300 CPD hours every...
View Article »
DATE October 21, 2020 8:03 am
POSTED BY David Hendry
CATEGORY
Blog
Did you notice in the news yesterday https://www.bbc.co.uk/news/technology-54621308 the faux pas by the charity who either haven’t heard or don’t understand the PECR or live in the belief that it doesn’t apply to charity fund raising? The official response to complaints was really clumsy. People don’t get offended or upset...
View Article »
DATE October 20, 2020 7:57 am
POSTED BY David Hendry
CATEGORY
Blog
The prospects of the UK not being granted an adequacy decision seems in many quarters to be inconceivable. If we work within the GDPR framework on 31st December, why would anything be different on 1st January? But the Outsourced DPO believes it is far from nailed on. The recent examination...
View Article »
DATE October 19, 2020 12:26 pm
POSTED BY David Hendry
CATEGORY
Blog
Two weeks ago the ICO published their rationale for levying fines for consultation and last week fined British Airways £20m for the June 2018 breach. Opinions are mixed as to whether it is too low for company of BA’s size whose turnover in 2017 was £12.6bn from which they made...
View Article »
DATE October 13, 2020 1:48 pm
POSTED BY David Hendry
CATEGORY
Blog
The Age Appropriate Design Code of Practice (AADCOP) is an extension of the Data Protection Act 2018 that affects providers of information society services (services delivered at a distance over the internet) that are likely to be used by children. The AADCOP consists of 15 principles that must be adhered...
View Article »
DATE October 2, 2020 11:43 am
POSTED BY David Hendry
CATEGORY
Company Update
DPP are pleased to announce a strategic partnership with 3C who are the largest IT and data services consultancy in the social housing sector. Together DPP and 3C provide the full range of data protection and data quality services social housing providers need to comply, perform and transform with the...
View Article »
DATE September 11, 2020 1:12 pm
POSTED BY David Hendry
CATEGORY
Blog
It is almost a year since the Outsourced DPO received a subject access request from an information rights platform and at the time, we were filled with suspicion. Several months and many SARs later, has anything changed? Back in December, receiving a SAR from an intermediary platform (Rightly.co.uk) seemed rather...
View Article »
DATE March 23, 2020 3:15 pm
POSTED BY David Hendry
CATEGORY
Blog
The Outsourced DPO is dusting off the binding corporate rules play book! It’s some time since we were involved in drafting BCRs and were delighted for one of our global clients to ask us to get involved with creating BCRs for their operations in over 80 countries last week. Of...
View Article »
DATE March 20, 2020 3:18 pm
POSTED BY David Hendry
CATEGORY
Blog
In some previous blogs the Outsourced DPO considered the background to the PECR, how they interact with, compliment and “trump” the DPA and GDPR, and the general prohibition on unsolicited direct marketing via electronic communications systems and equipment. We looked at the definition of direct marketing and found it to...
View Article »