Financial institutions and their critical suppliers rely on information and communication technology (ICT) to operate. Persistent targeting by cyber attackers means that potential cyber security threats are a greater concern than ever. New regulations like the Digital...
Archives
Howard Freeman
ESA’s 2nd Batch Publication
The three European Supervisory Authorities (EBA, EIOPA, and ESMA – the ESAs) have published a second batch of policy products under the Digital Operational Resilience Act (DORA). This batch consists of four final draft regulatory technical standards (RTS), one set of...
GDPR Compliance: A Critical Checklist for Businesses in 2024
Are you confident that your business is fully GDPR compliant? With the General Data Protection Regulation (GDPR) in full effect, ensuring compliance is non-negotiable for businesses handling the personal data of EU citizens. Failure to adhere to GDPR principles can...
Creating an AI Policy
Are you considering integrating AI into your business? Are you not sure where to start, or how to navigate the challenges? Fear not, you are not alone. That statement is not helpful, I know, but don’t worry, we are very helpful indeed! Many organisations...
Data Processing Agreements and why you need them.
Whenever a controller uses a processor, there must be a written contract in place. The contract is important so that both parties understand their responsibilities and liabilities. The UK GDPR sets out what needs to be included in the contract. If a processor uses...
Rearo issues warning to businesses following a cyber attack
Classification: Intelligence briefing...
OpenAI’s ChatGPT is taking the large language model space by storm.
However, there is much to consider when it comes to data privacy. Howard Freeman – Managing Director at Fortis DPC Limited has been investigating. Unless you have been in hiding, ChatGPT is now a major part of our world. There are lots of opinions about it, both good...
What is a data protection officer?
Find out what the data protection officer role involves and who or what you need to hire. The General Data Protection Regulation (GDPR) is something you've heard a lot about, whether you collect, store and use customer data, or you don't. It's the biggest...
British Airways data-breach compensation claim settled
British Airways has settled a legal claim by some of the 420,000 people affected by a major 2018 data breach. The breach affected both customers and BA staff. The data lost included names, addresses, and payment-card details. The Information Commissioner's Office...
The Data Protection Act 2018
On 25th May 2018, when the GDPR came into force, the European regulation attracted all the headlines. However, another piece of regulation also came into law, which acted differently from the EU GDPR. The Data Protection Act of 2018 is strewn with references to the GDPR...
Cyber Essentials Certification: keep your business data safe
With data breaches in the UK increasing by 46% year on year and over 80% of UK businesses falling victim to a successful attack, this cost the UK economy £3.1bn between April ’21 and April ’22. This also resulted in ICO fines of £44m being collected against...
Alarm over low spend on cyber security as MPs review new Bill
At lunchtime today (Monday 5 September), the UK’s next prime minister will be revealed, despite delays to voting by Conservative Party members following a GCHQ alert over cyber hackers. On the same day the UK Data Protection and Digital Information Bill comes up for its...
GDPR Adoption…the reality
It is almost four and a half years since the GDPR became enforceable in May of 2018. Since that date, when the world went mad over consent, subscriptions and other connection requests that most of the requestors ignored, we have had Harry and Meghan, Brexit, Covid-19 and...
What is the cost of PCI DSS Compliance?
PCI DSS (Payment Card Industry Data Security Standard) compliance is neither easy nor inexpensive. In fact, depending on the size of your organisation and the complexity of your CDE (cardholder data environment), it could take months and cost tens of...
Yodel Hack – Parcel Delivery Delays
The delivery service company Yodel has suffered a “cyber incident” resulting in widespread disruption. Customers awaiting deliveries noted that Yodel’s systems were offline last weekend. Yodel said: “We are working to restore our operations as quickly as possible but...
Meta (Facebook) Fined £14 Million
Meta has been fined €17 million for twelve breaches of the EU GDPR. The company, formerly known as Facebook, violated several GDPR (General Data Protection Regulation) requirements. More than 30 million people have been affected. The Irish DPC (Data...
Special Categories of Data
What is special category data? Find out here. Special category data is personal data that needs more protection because it is sensitive. In order to lawfully process special category data, you must identify both a lawful basis under Article 6 of the UK GDPR. You also...
Six Data Privacy Mistakes every company makes
Does the following sentence sound familiar? “I have read and accepted the privacy policy.” This checkbox is found beneath various online forms. It’s completely superfluous. There is no need to accept a privacy policy because it merely serves an informational...