First Charity GDPR Fine – 5 Lessons to Learn It is just over three years since the GDPR came fully into force. Since then, we’ve had only four fines – three for large corporates (British Airways, Marriot and Ticketmaster) and …
Category Archives: Breach
FatFace Cyber Attack
Categories: Breach, Public Information, SecurityWe have created a report on the recent FatFace cyber attack. Read on to find out what happened and why. When: Breached on 17th January 2021. (Reported to customers on 23rd March 2021.) What: Names, addresses, last 4 digits of …
The BA Fine – How British Airways security flaws let data theft unfold
Categories: Breach, Fines, GDPR, ICO, SecurityHow will the BA Fine affect IT security? After over a year of delay, the Information Commissioner’s Office (ICO) finally issued their much-anticipated Penalty Notice against British Airways on 16th October 2020. There have been headlines and debate around the …
The BA Fine – The boardroom’s responsibilities: what are your business risks?
Categories: Breach, Fines, GDPR, ICO, Public Information, Security, UncategorisedHow will the BA fine affect your business? After over a year of delay, the Information Commissioner’s Office (ICO) finally issued their much-anticipated Penalty Notice against British Airways on 16th October 2020. There have been headlines and debate around the …
The BA Fine – The Data Protection Landscape is Changing
Categories: Breach, Fines, GDPR, ICO, Public Information, SecurityHow will the BA Fine affect the data protection landscape? After over a year of delay, the Information Commissioner’s Office (ICO) finally issued their much-anticipated Penalty Notice against British Airways on 16th October 2020. There have been headlines and debate …
Blackbaud Security Incident – what to consider
Categories: Breach, Guidance, Public Information, Security, TransparencyBlackbaud has informed its clients of a security incident. Protecture’s initial thoughts are: Blackbaud has taken the security incident seriously, and have taken significant measures in response. They have some assurance from the hacker that they have deleted the data …
Delayed Flight? Easyjet and When to Report a Breach
Categories: Breach, GDPR, Guidance, ICO, Public InformationProtecture often get asked, “When should I report a breach?” The Easyjet incident highlights that the risk to individuals’ rights and freedoms and the potential significance of even basic data must always be at the forefront of your assessment. When …
Five Lessons to Learn From the First GDPR Fine
Categories: Breach, Fines, GDPR, Guidance, ICO, Public Information, Security, Transparency, UncategorisedSo we’ve finally entered the brave new world. The first GDPR fine has arrived, just the 571 days since the GDPR came into force(!) Those desperate for the era of loud headlines about massive fines will be disappointed. The initial …
How to get the most out of your DPIA process
Categories: Breach, Data Protection Act 2018, Data Sharing, GDPR, Guidance, ICO, Public Information, UncategorisedIf your heart says yes, can your DPIA say it too? We wrote back in March about the common mistakes organisations make with Data Protection Impact Assessments (DPIAs). The importance of DPIAs can be seen in three recent cases. In the True Visions Productions (under the DPA 1998) the lack of DPIAs was seen by the Information Commissioner Office (ICO) as one of …
GDPR: the seven principles to follow
Categories: Breach, Consent, Data Protection Act 2018, GDPR, ICOLeading up to May 2018 there was a lot of coverage of the incoming GDPR Data Protection (DP) legislation. Organisations of all sorts knew that something needed to be done but weren’t always sure what it was. Consequently, as a …