Archives

Blog

What is the most secure way to transmit data?

Safe information transfer is a must for modern organisations, but not all secure data transmission methods are equal. Here we explore the options available to you. A significant issue facing businesses is implementing secure data transmission methods when sending and...

Data Subject Rights and the GDPR

The EU GDPR (General Data Protection Regulation) gives individuals eight rights relating to their personal data. Organisations must let individuals know how they can exercise these rights and meet requests promptly. Failure to do so is a breach of the GDPR....

GDPR and Encryption

Pseudonymisation and encryption are the only technological measures specifically mentioned in the GDPR (General Data Protection Regulation). But what exactly is meant by ‘pseudonymisation’ and ‘encryption’? Are these measures mandatory? More importantly, how can...

GDPR Processing Lawful Bases

The EU GDPR (General Data Protection Regulation) states that you need to identify a lawful basis before processing personal data. But, what is a lawful basis for processing? Do you always need individuals’ consent to process their data? And what is meant by the term...

GDPR Risk Assessments

Your business is required to comply with the GDPR (General Data Protection Regulation). Therefore you are obliged to conduct regular GDPR risk assessments. This isn’t just because the Regulation says that you should. Risk assessments are essential for...

DPIA (Data Protection Impact Assessment)

DPIA (data protection impact assessment) is a type of risk assessment designed to identify the risks affecting the security of personal data. A DPIA will help you understand the likely consequences of processing such data. Understanding what a DPIA is is all part...

Data Protection by Design and BY Default

Data protection by design and default is nothing new. But, while privacy by design was good practice under the Data Protection Act of 1998, data protection by design and by default are legal requirements of Article 25 of the GDPR. Here’s how data protection by design...

Personal Data and Sensitive Data

Do you know the difference? The GDPR includes a sub-category of sensitive personal data that comes with its own requirements. The GDPR (General Data Protection Regulation) has been in force for some time. So, no doubt you are familiar with the term ‘personal...

What is an Information Security Policy?

It is well known that your people are the weakest part of your business security defences. You can spend a great deal of time designing processes to protect your business. You can then invest in state-of-the-art technology to detect threats. However, these will only...

PCI DSS Service
PCI DSS Service

The PCI Data Security Standard (PCI DSS) applies to all entities that store, process, and/or transmit cardholder data. It covers technical and operational practices for system components included in or connected to environments with cardholder...