DATE September 11, 2018 11:07 am
POSTED BY Thomas Chappelow
CATEGORY
Information Security
Data Protection People, which is part of the Storm Technology Group, today launches a new PCI Qualified Security Assessor consultancy practice. This new practice sits within our PCI and Information Security division, and will deliver consultancy and formal assessment services to merchants and service providers, across Europe. For the past...
View Article »
DATE June 8, 2018 8:39 am
POSTED BY Philip Brining
CATEGORY
Data Protection
This blog has been written by Boyko Boev, a Senior Data Protection Consultant at Data Protection People. The General Data Protection Regulation (GDPR) came into force on 25 May 2018 as a result of which the date became known across Europe and probably the world as the GDPR day. The GDPR...
View Article »
The NIS Directive has come into force in the UK today, in the form of The Network and Information Systems Regulations 2018. The Regulations are designed to protect our nation’s critical infrastructure, such as power and telecommunications. Organisations that operate ‘Essential Services’ are now legally required to introduce robust safeguards...
View Article »
DATE February 1, 2018 4:51 pm
POSTED BY Usman Ahmed
CATEGORY
Blog
When the UK leaves the EU on 29th March 2019 the GDPR will already have become law in every other EU member state. The regulations governing the international transfers of personal data are set out in Chapter V of the GDPR. It stipulates that, for the purposes of data transfers...
View Article »
DATE February 1, 2018 4:43 pm
POSTED BY Usman Ahmed
CATEGORY
Blog
In December 2017, at Maidstone Crown Court, a jury returned 15 guilty verdicts after the ICO prosecuted four individuals in connection with the unlawful disclosure of personal data which was obtained illegally by senior employees of Woodgate & Clark Limited, a firm of loss adjusters, and two private investigators. Director...
View Article »
DATE February 1, 2018 4:39 pm
POSTED BY Usman Ahmed
CATEGORY
Blog
The decision in the High Court relating to the theft and publishing of the supermarket giant Morrison’s payroll data by a rogue employee throws up interesting points about liability in the event of data loss. In December 2017 Mr Justice Langstaff ruled that the technical and organisational controls in place...
View Article »
DATE October 2, 2017 3:18 pm
POSTED BY David Hendry
CATEGORY
Blog
The Closed Club Since starting my career in Data Protection I have always noted that it is relatively lacking in youth and a bit of closed club. I once put the question to a relatively senior member of the ICO at a conference, asking if there were any initiatives to...
View Article »
DATE October 2, 2017 2:58 pm
POSTED BY Philip Brining
CATEGORY
Blog
We undertook a GDPR impact assessment for a large data processor recently and I thought it might be worth sharing our findings and thoughts. Not surprisingly we identified three sources of threat: a processor’s suppliers, their customers, and their ability to meet their own responsibilities set out in the GDPR....
View Article »
DATE September 8, 2017 7:34 am
POSTED BY Philip Brining
CATEGORY
Blog
Owing to the word “data” in the Data Protection Act, and due to the lack of teeth and importance that data protection has historically been afforded, for the large majority of clients we have worked it is the IT team who have been tasked with ensuring an organisation is compliant...
View Article »
DATE August 27, 2017 6:47 am
POSTED BY Philip Brining
CATEGORY
GDPR
By Philip Brining, Consulting Director of Data Protection People. I have been asked several times over the summer to comment on various suggestions that it will be possible to rely on legitimate interests as the legal basis for direct marketing post May 2018 under the General Data Protection Regulation. However,...
View Article »