What is ISO 9001? Quality Management Systems (QMS) explained Companies and organisations are now expected to prove competency across an increasing number of disciplines in order to win contracts in both the private and public sector. A quality management system (QMS)...
Archives
Howard Freeman
GP surgery secretary fined
A former GP surgery secretary has been fined for reading medical records of 231 patients in two years, the ICO reported in 2018. A trip back in time to November of 2018 for this blog. We shouldn't forget that whilst this story may have a few cobwebs on it, this could...
ISO 27701 Privacy Information Management
ISO 27001 is the well-recognised international standard for information security. A companion standard, ISO/IEC 27701, has now been added as an extension to it. This page is a brief introduction to ISO 27701, the standard for Privacy Information Management. This page will discuss...
Can you refuse to comply with a Data Subject Access Request?
Can you refuse to comply with a data subject access request (DSAR) under the UK GDPR and Data Protection Act 2018? For any organisation, the challenge of responding to Data Subject Access Requests (DSARs) is considerable. For example, the NHS, according to research by...
Brexit and the new UK GDPR
The United Kingdom has now left the European Union. However, until 31st December 2020, EU laws, which include the General Data Protection Regulation (GDPR), continue to apply to the U.K. This is the transition period. Once the transition period has ended,...
PCI DSS Service
The PCI Data Security Standard (PCI DSS) applies to all entities that store, process, and/or transmit cardholder data. It covers technical and operational practices for system components included in or connected to environments with cardholder...
Danish Authority Data Protection Breach
The Danish data protection authority ('Datatilsynet') announced, on 20th August 2020, that it had itself suffered a personal data breach. The breach was the discovery of its paper waste containing confidential and sensitive information about citizens and employees....
UK cyber-crime rate has doubled in the past five years
The number of UK businesses that have suffered cyber-attacks has doubled in the past five years, according to a new report. Hastings-based Beaming's Five Years in Cyber Security found that 1.5 million organisations fell victim to cyber-crime in 2019. This...
ISO 9001 Services
ISO 9001 is the ISO standard that sets out the criteria for quality management systems (QMS). This standard is based on a number of quality management principles, including a strong customer focus, the motivation and involvement of top management, the process...
GDPR Supply Chain Audit
Consider the way in which your business operates. Could it operate without suppliers? This will include any other business you deal with, from an outsourced payroll company, to a medical insurance provider and even the company that waters plants in the office. The...
GDPR Periodic Audits
Why carry out GDPR periodic audits? Under Article 32(1) of the GDPR, data controllers and data processors must implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, and Article 32(1)(d) specifically requires a process for regularly testing, assessing and evaluating the effectiveness of those measures. The regulation states...
Data Retention and the GDPR
How will you tackle data retention? Two plus years on from GDPR enforcement, does your housekeeping need a refresh? How long you will keep personal data raises lots of questions. Where to start? How to judge necessity? Have you considered your method of disposal of...
ISO 45001 Services
ISO 45001 is the ISO standard for occupational health and safety (OH&S) management systems, published in March 2018. The goal of ISO 45001 is the reduction of occupational injuries and diseases, including promoting and protecting physical and mental...
ISO 45001
ISO 45001 is the international standard for occupational health and safety at work, developed by the International Organization for Standardization (ISO), which is independent of government. Introduced in March 2018, the new standard replaces the previous standard (BS OHSAS 18001), which...
ISO 27001 Services
ISO/IEC 27001 formally specifies an Information Security Management System (ISMS), a suite of activities concerning the management of information risks. We are able to offer a full range of ISO 27001 services to help you on your certification journey. ISO 27001...
ISO 14001
BS EN ISO 14001 puts your environmental management system at the heart of your business's operations, in order to help you meet environmental regulations and improve efficiency and environmental performance. This standard outlines the most up-to-date specifications for...
ISO 14001 Services
We are able to offer a full range of ISO 14001 services to help you on your certification journey and become compliant with the standard. ISO 14001:2015 is an international standard that specifies the requirements for an Environmental Management System. ISO 14001...
ISO 27001 (ISMS)
Are you thinking about implementing an ISMS to ISO 27001? Do you need help in preparing for ISO 27001 for the first time? Do you require an internal audit as your annual anniversary approaches? What is ISO 27001? ISO/IEC 27001 formally specifies an Information...