A risk management program is an essential part of any organisation's compliance regime and provides a multifaceted approach to identifying, evaluating, preventing and monitoring risk at an internal and external level. All organisations are subject to a certain level of risk from areas such as money laundering, data protection and information security. However, some businesses […]
Do Your Staff Need GDPR Training? GDPR staff awareness training may get overlooked within the standard data protection training programs. However, making sure your employees are aware of the GDPR basics and how the rules apply is important. Moreover, it is a legal requirement under the Regulations to ensure staff are knowledgeable about data subject […]
The NCSC (National Cyber Security Centre) have recently reported that they have detected more UK Government branded scams relating to coronavirus than any other subject. The FCA have published statements on their website regarding information security and the coronavirus. “The exceptional circumstances introduced by coronavirus have required firms to change their ways of working at […]
GDPR Policy Template Toolkit Samples are essential so that you can see what you are getting when you buy one of our GDPR policy template packs. With so many data protection policies and GDPR documentation toolkits to choose from, how do you know which is right for you? Knowing which provider to use for your […]
The world is a very different place than it was a few weeks ago and businesses are now operating in a time of flux, with many not being able to operate at all. With so many employees working from home and contact with customers being made in new or different ways, you need to ensure […]
How robust your data protection program is may be being tested during this difficult time, with employees working from home and others in workplaces with an abundance of staff absences. Having compliant GDPR and DPA18 policies, procedures and controls in place is mandatory, but has never been so important. How you process personal data during […]
This article provides guidance on writing your own GDPR/DPA18 Policy and utilises the requirements set out under the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA18). What is a Data Protection Policy? The GDPR advises that controllers must implement appropriate technical and organisational measures to comply with the GDPR; with those measures […]
What is Legitimate Interests? This article looks at how to carry out a Legitimate Interests Assessment (LIA) and gives guidance on the suggested stages. Legitimate Interests is one of the legal bases for processing personal data under the GDPR. Article 6(1)(f) of the Regulation states: – “Processing is necessary for the purposes of the legitimate […]
Whether you are starting from scratch, revising existing data protection policies or using templates from a professional provider, documenting your GDPR measures and controls is a labour-intensive task. Although the GDPR/DPA18 has been in place since May 2018, there are still thousands of firms who are only partially compliant with the mandatory data protection laws […]
The ICO have expanded their data protection guidance on exemptions, which looks at some of the rights and obligations under the GDPR and DPA18. The ICO note that any exemption should not simply be routinely relied upon; instead, every event should be reviewed and considered on a case-by-case basis. They also reiterate that some areas […]

