Protecture often get asked to advise whether a breach should be reported. The Easyjet incident highlights that the risk to individuals’ rights and freedoms and the potential significance of even basic data must always be at the forefront of …
Webinar: How to Conduct a Data Protection Audit – from your desk
Categories: Data Protection Act 2018, GDPR, Guidance, WebinarData Protection touches so many areas of an organisation. So where do you start an audit? You might want to know if your policies and procedures cover all the areas they should. Or you might be trying to understand …
Cathay Pacific Enforcement Action
Categories: Fines, ICO, Public InformationThe ICO has recently issued an enforcement notice under the Data Protection Act 1998 against Cathay Pacific Airways imposing a monetary penalty notice of £500,000 (the maximum allowable) for breaches of the data protection principles. Primarily these related to the …
ICO Coronavirus Statement
Categories: Guidance, ICO, Public InformationThe ICO has released some brief guidance for organisations around some of the main issues relating to coronavirus and the use or sharing of personal data. Our quick summary of the issues that need to be taken into account: Always …
Webinar: GDPR and Working from Home
Categories: Data Sharing, GDPR, Public Information, Security, WebinarThe Coronavirus will create numerous risks for organisations over the coming months. Many businesses are looking to home working to ensure staff can continue to be productive in the event of restrictions of movement or temporary office closures. This means …
Webinar: DPO – Do I Need to Appoint One?
Categories: UncategorisedWith the first GDPR fine under our belt, and more due soon, the role of Data Protection Officer (DPO) will continue to be sought after. Yet for many organisations, there is no legal requirement to appoint one. A Data Protection …
New Draft of ePrivacy Regulation
Categories: GDPR, Guidance, ICO, Public Information, SecurityThe European Commission has just published (21st February) a new draft of the long-awaited ePrivacy Regulation as there was a failure to reach agreement on the previous draft. This Regulation will replace the ePrivacy Directive of 2002 that is enacted …
ICO Updates: Code of Practice
Categories: UncategorisedDirect Marketing Code of Practice The ICO recently published its draft Direct Marketing Code of Practice for consultation. It will be an important document for all organisations conducting direct marketing activities. “Direct marketing” is defined widely within the draft: “Direct marketing includes the …
Data Protection Enforcement Updates
Categories: Fines, GDPR, ICOIn addition to the ICO’s recent enforcement action taken against Doorstep Dispensary, European data protection regulators have been active with some interesting cases that are worth highlighting: In Greece, the Hellenic Data Protection Authority (HDPA) fined an organisation €15,000 for installing and using …
Five Lessons to Learn From the First GDPR Fine
Categories: Breach, Fines, GDPR, Guidance, ICO, Public Information, Security, Transparency, UncategorisedSo we’ve finally entered the brave new world. The first GDPR fine has arrived, just the 571 days since the GDPR came into force(!) Those desperate for the era of loud headlines about massive fines will be disappointed. The initial …