Howard Freeman - 29th December 2020. The feared outcome that businesses would have to find new ways to keep data flowing between the EU and the UK following the Brexit deal has not been realised. Brexit negotiators agreed to a temporary solution that will keep the...
Utility supplier People’s Energy has had its entire customer list stolen. All 270,000 customers of People’s Energy, a renewable energy start-up, have had their details compromised in a major data breach incident that occurred last week, on 16th December 2020....
Due to social distancing and restrictions enforced by the UK’s tier systems, we are now used to business meetings taking place online. In particular, the video conferencing platform “Zoom” has achieved huge popularity through the pandemic. However, over the same...
Nursing home fined for a data breach after a laptop with residents' details is stolen A nursing home in County Antrim has been fined £15,000 for failing to adequately protect sensitive data about its staff and residents. This story is a look back in history but...
British firms face a bill of up to £1.6 billion if the UK government fails to win an EU adequacy decision. The decision, if granted, would allow dataflows to continue as normal. This was revealed by a new report published on Monday last (23rd November 2020). UK firms...
Getting ready for an ISO 27701 certification with our readiness assessment, the new standard for Privacy Information Management ISO/IEC 27701 is the new international “gold standard” for privacy management. It is the companion standard for ISO 27001, the...
And how to avoid them… The scramble for bargains and supposedly unbelievable savings, whatever your thoughts about Black Friday are, brings with it a spike in cybersecurity threats. Cybercriminals will be just as keen to take advantage of you as you are desperate for...
We are often asked about consent and the GDPR. But, what consent can be given face to face or over the telephone? Verbal consent and the GDPR, is verbal consent allowed? Given the documentation requirements of the law, one might expect the answer to be no. However,...
One-third of small businesses don’t feel GDPR applies to them. It doesn't apply to me!!! We interviewed our CEO, Howard Freeman, who talks with SME business owners every day and he offered us his insights for the website. Howard, do small businesses understand the...
4 of the 5 top causes of data breaches are because of human or process errors Although data breaches as a result of cyber-attacks get all the press, it is often negligence or a lack of basic processes, policies and procedures that result in data breaches. The...
Will the GDPR still apply? The GDPR is an EU regulation and we wanted to update on post-Brexit GDPR. This means it became law in all member states of the EU (including the UK), without the need for a UK Act of Parliament. It also applies to the EEA states. The UK...
The GDPR states that you must identify a lawful basis before processing personal data. But what is a lawful basis for processing? Do you always need individuals’ consent to process their data? And what exactly are ‘legitimate interests’? You must understand your GDPR...
What are the data subject rights under the GDPR? The EU GDPR (General Data Protection Regulation) gives individuals eight rights relating to their personal data. You must let individuals know how they can exercise these rights, and meet requests promptly....
The Austrian regulator has issued its first fine for a GDPR violation. In this case, it was for a CCTV breach. This decision by the regulator, namely the Austrian Data Protection Authority ("DSB"), is particularly interesting. The Austrian Data Protection Act...
Assessment and Action Plan Make sure your EU-US data transfer is lawful In July 2020, the European Court of Justice delivered its ruling on the Schrems II case, declaring the EU-US Privacy Shield invalid. The Privacy Shield was one of the three options available...
ISO/IEC 27701 is the international standard for privacy information management systems and is a companion standard for ISO 27001. ISO/IEC 27701 enables organisations to demonstrate compliance with all applicable privacy regulations, including the GDPR and the Data...
Estate agency fined £80,000 for failing to keep tenants’ data safe. The Information Commissioner’s Office (ICO) has fined a London estate agency £80,000 for leaving 18,610 customers' personal data exposed for almost two years. The security breach happened at...
This revised edition of one of HSE’s most popular guides is mainly for leaders, owners and line managers. It will particularly help those who need to put in place or oversee their organisation’s health and safety arrangements. The advice may also help workers...