The NIS Directive has come into force in the UK today, in the form of The Network and Information Systems Regulations 2018. The Regulations are designed to protect our nation’s critical infrastructure, such as power and telecommunications. Organisations that operate ‘Essential Services’ are now legally required to introduce robust safeguards...
View Article »
DATE February 1, 2018 4:51 pm
POSTED BY Usman Ahmed
CATEGORY
Blog
When the UK leaves the EU on 29th March 2019 the GDPR will already have become law in every other EU member state. The regulations governing the international transfers of personal data are set out in Chapter V of the GDPR. It stipulates that, for the purposes of data transfers...
View Article »
DATE February 1, 2018 4:43 pm
POSTED BY Usman Ahmed
CATEGORY
Blog
In December 2017, at Maidstone Crown Court, a jury returned 15 guilty verdicts after the ICO prosecuted four individuals in connection with the unlawful disclosure of personal data which was obtained illegally by senior employees of Woodgate & Clark Limited, a firm of loss adjusters, and two private investigators. Director...
View Article »
DATE February 1, 2018 4:39 pm
POSTED BY Usman Ahmed
CATEGORY
Blog
The decision in the High Court relating to the theft and publishing of the supermarket giant Morrison’s payroll data by a rogue employee throws up interesting points about liability in the event of data loss. In December 2017 Mr Justice Langstaff ruled that the technical and organisational controls in place...
View Article »
DATE October 2, 2017 3:18 pm
POSTED BY David Hendry
CATEGORY
Blog
The Closed Club Since starting my career in Data Protection I have always noted that it is relatively lacking in youth and a bit of closed club. I once put the question to a relatively senior member of the ICO at a conference, asking if there were any initiatives to...
View Article »
DATE October 2, 2017 2:58 pm
POSTED BY Philip Brining
CATEGORY
Blog
We undertook a GDPR impact assessment for a large data processor recently and I thought it might be worth sharing our findings and thoughts. Not surprisingly we identified three sources of threat: a processor’s suppliers, their customers, and their ability to meet their own responsibilities set out in the GDPR....
View Article »
DATE September 8, 2017 7:34 am
POSTED BY Philip Brining
CATEGORY
Blog
Owing to the word “data” in the Data Protection Act, and due to the lack of teeth and importance that data protection has historically been afforded, for the large majority of clients we have worked it is the IT team who have been tasked with ensuring an organisation is compliant...
View Article »
DATE August 27, 2017 6:47 am
POSTED BY Philip Brining
CATEGORY
GDPR
By Philip Brining, Consulting Director of Data Protection People. I have been asked several times over the summer to comment on various suggestions that it will be possible to rely on legitimate interests as the legal basis for direct marketing post May 2018 under the General Data Protection Regulation. However,...
View Article »
DATE February 20, 2017 12:42 pm
POSTED BY Philip Brining
CATEGORY
Blog
As the 25th May 2018 edges closer and closer, we here at Data Protection People have been busy making sure that everyone is up to speed and in the midst of getting fully compliant with the GDPR. One major event occurring the last day of January saw us open up...
View Article »
DATE January 20, 2017 4:07 pm
POSTED BY Philip Brining
CATEGORY
Blog
Liam Fitzpatrick started with Data Protection People on January 5th after finishing his Undergraduate degree in Law at the University of Warwick joining at an exciting time of business expansion on a rapid development program. (PB) In my last blog I wrote about my first week working for the Data...
View Article »