DATE September 11, 2018 11:07 am POSTED BY CATEGORY Information Security

Launching our PCI QSA Practice

Data Protection People, which is part of the Storm Technology Group, today launches a new PCI Qualified Security Assessor consultancy practice. This new practice sits within our PCI and Information Security division, and will deliver consultancy and formal assessment services to merchants and service providers, across Europe. For the past...
View Article »
DATE May 10, 2018 12:33 pm POSTED BY CATEGORY Critical National Infrastructure

Protecting our national infrastructure with the NIS Regulations

The NIS Directive has come into force in the UK today, in the form of The Network and Information Systems Regulations 2018. The Regulations are designed to protect our nation’s critical infrastructure, such as power and telecommunications. Organisations that operate ‘Essential Services’ are now legally required to introduce robust safeguards...
View Article »
DATE February 1, 2018 4:51 pm POSTED BY CATEGORY Blog

Brexit may lead to greater restrictions on the transfer of personal data from the EU to the UK. UK organisations will need to be prepared.

When the UK leaves the EU on 29th March 2019 the GDPR will already have become law in every other EU member state. The regulations governing the international transfers of personal data are set out in Chapter V of the GDPR. It stipulates that, for the purposes of data transfers...
View Article »
DATE February 1, 2018 4:39 pm POSTED BY CATEGORY Blog

Data Breach Compensation: The New PPI?

The decision in the High Court relating to the theft and publishing of the supermarket giant Morrison’s payroll data by a rogue employee throws up interesting points about liability in the event of data loss. In December 2017 Mr Justice Langstaff ruled that the technical and organisational controls in place...
View Article »
DATE October 2, 2017 2:58 pm POSTED BY CATEGORY Blog

Data Processors wake up to the GDPR

We undertook a GDPR impact assessment for a large data processor recently and I thought it might be worth sharing our findings and thoughts.  Not surprisingly we identified three sources of threat: a processor’s suppliers, their customers, and their ability to meet their own responsibilities set out in the GDPR....
View Article »