Archives

GDPR

The Age Appropriate Design Code
The Age Appropriate Design Code

The Children's Code The Children’s Code (or Age Appropriate Design Code to give its proper title) is a data protection code of practice for online services. This includes apps, online games, and web and social media sites that are likely to be accessed by...

Electronic Signatures
Electronic Signatures

In July 2016, the EU issued the eIDAS regulation, which increased the significance of electronic signatures drastically. However, under the current circumstances, the value of signing documents online is higher than ever before. What is an electronic signature?...

DSP Toolkit for Care Homes
DSP Toolkit for Care Homes

The recently launched NHS DSP Toolkit for Care Homes was designed to help care homes with an NHS email address. Full compliance, or standards met is also available allowing care homes to take part in Coordinate My Care. When registered, he care home faces a tad which...

GDPR the data differences
GDPR the data differences

What’s the difference between personal data and sensitive data? Now that the GDPR (General Data Protection Regulation) has been in effect for over two years, you’ve likely become acquainted with the term ‘personal data’. But what exactly does personal data...

Your CCTV and the GDPR?
Your CCTV and the GDPR?

In case you didn’t know, but CCTV footage is subject to the GDPR (General Data Protection Regulation). The Regulation isn’t just about written or electronic data such as names and addresses. It applies to any information that can identify someone. That includes...

Brexit Deal Keeps Data Flowing
Brexit Deal Keeps Data Flowing

Howard Freeman - 29th December 2020. The feared outcome that businesses would have to find new ways to keep data flowing between the EU and the UK following the Brexit deal has not been realised. Brexit negotiators agreed to a temporary solution that will keep the...

Customer List stolen
Customer List stolen

Utility supplier People’s Energy has had its entire customer list stolen. All 270,000 customers of People’s Energy, a renewable energy start-up, have had their details compromised in a major data breach incident that occurred last week, on 16th December 2020....

Video Conferencing and the GDPR
Video Conferencing and the GDPR

Due to social distancing and restrictions enforced by the UK’s tier systems, we are now used to business meetings taking place online. In particular, the video conferencing platform “Zoom” has achieved huge popularity through the pandemic. However, over the same...

Nursing home fined
Nursing home fined

Nursing home fined for a data breach after a laptop with residents' details is stolen A nursing home in County Antrim has been fined £15,000 for failing to adequately protect sensitive data about its staff and residents.  This story is a look back in history but...

UK firms face high compliance costs
UK firms face high compliance costs

British firms face a bill of up to £1.6 billion if the UK government fails to win an EU adequacy decision. The decision, if granted, would allow dataflows to continue as normal. This was revealed by a new report published on Monday last (23rd November 2020). UK firms...

Verbal Consent and the GDPR
Verbal Consent and the GDPR

We are often asked about consent and the GDPR. But, what consent can be given face to face or over the telephone? Verbal consent and the GDPR, is verbal consent allowed? Given the documentation requirements of the law, one might expect the answer to be no. However,...

It doesn’t apply to me!!!
It doesn’t apply to me!!!

One-third of small businesses don’t feel GDPR applies to them. It doesn't apply to me!!! We interviewed our CEO, Howard Freeman, who talks with SME business owners every day and he offered us his insights for the website. Howard, do small businesses understand the...

Data Breach – the Causes
Data Breach – the Causes

4 of the 5 top causes of data breaches are because of human or process errors Although data breaches as a result of cyber-attacks get all the press, it is often negligence or a lack of basic processes, policies and procedures that result in data breaches. The...

Update on post-Brexit GDPR
Update on post-Brexit GDPR

Will the GDPR still apply? The GDPR is an EU regulation and we wanted to update on post-Brexit GDPR. This means it became law in all member states of the EU (including the UK), without the need for a UK Act of Parliament. It also applies to the EEA states. The UK...

GDPR and the lawful bases for processing
GDPR and the lawful bases for processing

The GDPR states that you must identify a lawful basis before processing personal data. But what is a lawful basis for processing? Do you always need individuals’ consent to process their data? And what exactly are ‘legitimate interests’? You must understand your GDPR...

CCTV breach – Retailer Fined
CCTV breach – Retailer Fined

The Austrian regulator has issued its first fine for a GDPR violation. In this case, it was for a CCTV breach. This decision by the regulator, namely the Austrian Data Protection Authority ("DSB"), is particularly interesting. The Austrian Data Protection Act...

Transferring data to the US
Transferring data to the US

Assessment and Action Plan Make sure your EU-US data transfer is lawful  In July 2020, the European Court of Justice delivered its ruling on the Schrems II case, declaring the EU-US Privacy Shield invalid. The Privacy Shield was one of the three options available...