DATE February 23, 2021 9:59 am
POSTED BY Myles Dacres
CATEGORY
Blog
In last week’s Lunchtime Takeaway Session we discussed Data Protection Compliance Audits. A compliance audit is a review performed to ascertain an enterprise’s adherence to regulatory guidelines. Audit reports evaluate the strength and comprehensiveness of an organization’s compliance preparations, security policies, user access controls, and risk management procedures. In the...
View Article »
DATE January 26, 2021 12:27 pm
POSTED BY Myles Dacres
CATEGORY
Blog
Data Protection Day 2021 is just around the corner and we have decided to go HUGE this year by hosting a 6 hour-long webinar!! We put a lot of thought into what we wanted to do for Data Protection Day this year. In our personal lives, and as a company,...
View Article »
DATE December 1, 2020 2:09 pm
POSTED BY Myles Dacres
CATEGORY
Blog
South Korea’s Personal Information Protection Commission (PIPC) has slapped Facebook with a $6.1 million fine for sharing user information without consent. The Korea Communications Commission kickstarted the investigation in 2018 before ultimately handing it off to the PIPC a few months ago. According to Yonhap News, the PIPC determined that...
View Article »
DATE November 20, 2020 11:03 am
POSTED BY Myles Dacres
CATEGORY
Blog
The decision to leave the EU is causing a period of profound change and uncertainty for British businesses, as we near the end of the transition period, and many things remain unclear in the world of data protection. In the podcast above the DPP consulting unpick the complex issues to...
View Article »
DATE November 19, 2020 10:36 am
POSTED BY Myles Dacres
CATEGORY
Blog
There’s a bit of a debate raging within the consulting team at DPP about the value of privacy and what it will take to persuade the reluctant controllers that they really must comply with the law and really should be taking a best practice approach to privacy management rather than...
View Article »
DATE October 23, 2020 11:53 am
POSTED BY Myles Dacres
CATEGORY
Blog
The Outsourced DPO has taken one or two exams over the years and last week had to sit the PCI DSS QSA requalification exam: an annual requirement. This is one of the features of the DSS that is class-leading – the requirement to undertake at least 300 CPD hours every...
View Article »
DATE February 1, 2018 4:51 pm
POSTED BY Philip Brining
CATEGORY
Blog
When the UK leaves the EU on 29th March 2019 the GDPR will already have become law in every other EU member state. The regulations governing the international transfers of personal data are set out in Chapter V of the GDPR. It stipulates that, for the purposes of data transfers...
View Article »
DATE February 1, 2018 4:43 pm
POSTED BY Philip Brining
CATEGORY
Blog
In December 2017, at Maidstone Crown Court, a jury returned 15 guilty verdicts after the ICO prosecuted four individuals in connection with the unlawful disclosure of personal data which was obtained illegally by senior employees of Woodgate & Clark Limited, a firm of loss adjusters, and two private investigators. Director...
View Article »
DATE February 1, 2018 4:39 pm
POSTED BY Philip Brining
CATEGORY
Blog
The decision in the High Court relating to the theft and publishing of the supermarket giant Morrison’s payroll data by a rogue employee throws up interesting points about liability in the event of data loss. In December 2017 Mr Justice Langstaff ruled that the technical and organisational controls in place...
View Article »
DATE December 20, 2016 3:02 pm
POSTED BY Andrew Mason
CATEGORY
Blog
Background When we first looked at the GDPR we were asked by our clients if we thought they would be caught by Article 37 of the regulation – the mandatory requirement to nominate a DPO. While it seemed to us that many might well fall under the scope of the...
View Article »