Our Blog
The source
Welcome to our blog, The Source.
I know that business compliance can sometimes be overwhelming and I want to help you find your way to being and staying complaint.
THS SOURCE is a place for you to access and find out about the latest topics and insights that could impact your compliance for GDPR, ISO, Cyber Security and PCI DSS.
Howard Freeman
GP surgery secretary fined
A former GP surgery secretary has been fined for reading medical records of 231 patients in two years, the ICO reported in 2018. A trip back in time to November of 2018 for this blog. We shouldn't forget that whilst this story may have a few cobwebs on it, this could...
ISO 27701 Privacy Information Management
ISO 27001 is the well recognised international standard for information security. A companion standard has now been added, this is ISO 27701. This page is a brief introduction to ISO 27701. It is the standard for Privacy Information Management. This page will discuss...
Can you refuse to comply with a Data Subject Access Request?
Can you refuse to comply with a data subject access request (DSAR) under the UK GDPR and Data Protection Act 2018? For any organisation, the challenge of responding to Data Subject Access Requests (DSARs) is considerable. For example, the NHS, according to research by...
Brexit and the new UK GDPR
The United Kingdom has now left the European Union. However, until 31st December 2020, EU laws, which include the General Data Protection Regulation (GDPR), continue to apply to the U.K. This is the transition period. Once the transition period has ended,...
PCI DSS Service
The PCI Data Security Standard (PCI DSS) applies to all entities that store, process, and/or transmit cardholder data. It covers technical and operational practices for system components included in or connected to environments with cardholder...
Danish Authority Data Protection Breach
The Danish data protection authority ('Datatilsynet') announced, on 20th August 2020, that it had itself suffered a personal data breach. The breach was the discovery of its paper waste containing confidential and sensitive information about citizens and employees....