DATE October 23, 2020 11:53 am
POSTED BY Myles Dacres
CATEGORY
Blog
The Outsourced DPO has taken one or two exams over the years and last week had to sit the PCI DSS QSA requalification exam: an annual requirement. This is one of the features of the DSS that is class-leading – the requirement to undertake at least 300 CPD hours every...
View Article »
DATE February 1, 2018 4:51 pm
POSTED BY Philip Brining
CATEGORY
Blog
When the UK leaves the EU on 29th March 2019 the GDPR will already have become law in every other EU member state. The regulations governing the international transfers of personal data are set out in Chapter V of the GDPR. It stipulates that, for the purposes of data transfers...
View Article »
DATE February 1, 2018 4:43 pm
POSTED BY Philip Brining
CATEGORY
Blog
In December 2017, at Maidstone Crown Court, a jury returned 15 guilty verdicts after the ICO prosecuted four individuals in connection with the unlawful disclosure of personal data which was obtained illegally by senior employees of Woodgate & Clark Limited, a firm of loss adjusters, and two private investigators. Director...
View Article »
DATE February 1, 2018 4:39 pm
POSTED BY Philip Brining
CATEGORY
Blog
The decision in the High Court relating to the theft and publishing of the supermarket giant Morrison’s payroll data by a rogue employee throws up interesting points about liability in the event of data loss. In December 2017 Mr Justice Langstaff ruled that the technical and organisational controls in place...
View Article »
DATE December 20, 2016 3:02 pm
POSTED BY Andrew Mason
CATEGORY
Blog
Background When we first looked at the GDPR we were asked by our clients if we thought they would be caught by Article 37 of the regulation – the mandatory requirement to nominate a DPO. While it seemed to us that many might well fall under the scope of the...
View Article »
DATE November 22, 2016 7:56 pm
POSTED BY Philip Brining
CATEGORY
Blog
Recent comments by the Secretary of State for Culture, Media and Sport and the Information Commissioner indicate that businesses cannot afford to delay complying with the GDPR. In the immediate aftermath of the June vote for Britain to leave the European Union we discussed the likely effects that Brexit could...
View Article »
DATE May 23, 2016 12:50 pm
POSTED BY Philip Brining
CATEGORY
Blog
GDPR contains several obligations for data controllers to demonstrate greater control over data processes. In this blog DPP’s Phil Brining considers the extent to which those obligations may impact the structure and functionality of database systems used for processing personal data. Does GDPR mean I need to change my CRM...
View Article »
DATE April 20, 2016 7:46 am
POSTED BY Philip Brining
CATEGORY
Blog
I made a presentation earlier this week to the north eastern members of the Chartered Institute of Management Accountants about the new General Data Protection Regulation (GDPR) and some of the questions that arose were about what constituted “personal data” and was therefore regulated by the Data Protection Act and...
View Article »
DATE April 15, 2016 8:01 am
POSTED BY Philip Brining
CATEGORY
GDPR
I vividly remember the last time I sat down during the working day to watch TV – it was 11th September 2001 and I sat spell bound in the East Stand of Leeds United Football Club where I was head of the commercial department watching the terrible events unfold on...
View Article »
DATE February 15, 2016 7:21 am
POSTED BY Philip Brining
CATEGORY
Blog
The General Data Protection Regulation is set to turn many organisations upside down and inside out as they implement change to bring themselves up to the standard required by the new Regulation. In this blog DPP’s Phil Brining considers the impact on small businesses. The final text of the General...
View Article »