Welcome to the Know Your Compliance Blog

What Are GDPR Technical and Organisational Measures?

The GDPR refers to the ‘appropriate technical and organisational measures’ 92 times! This alone emphasises the importance of having these measures in place. But what are they? Unfortunately, the Regulation doesn’t go into any detail about these measures and what exactly they are. Hence the creation of this article.

GDPR Data Protection Impact Assessment

Article 35 of the General Data Protection Regulation (GDPR) focuses on the Data Protection Impact Assessment (DPIA) and what obligations organisations have in considering and carrying them out.

Where processing is likely to result in a high risk to individuals, an impact assessment is the tool used to protect the individual(s) and their information as far as possible.

Using the 6 Outcomes to Effectively Implement TCF

The FCA adopted the TCF outcomes and standards from the FSA, with the aim of continuing to ensure fairness, clarity and transparency in the financial and credit sectors and affording consumers using finance products and services due consideration and increased confidence.

TCF continues to remain central to the FCA’s priorities and business plan year on year, with organisations being expected to embed and embrace the TCF culture and 6 desired outcomes.

Write a Due Diligence Policy

When you write a due diligence policy from scratch, it is important to understand your aims and obligations. Identify if you have any specific regulations or industry requirements for the Know Your Customer Controls. Businesses with obligations under the Money Laundering Regulations will want to write a due diligence policy that ties in with their […]

Create an Effective Outsourcing Policy

Nearly every business outsources some services or functions to a third party. Learn how to create an effective outsourcing policy in this article. Your suppliers and service providers need to be as compliant as you are! What is Outsourcing? The general definition of outsourcing is where a business chooses an external provider to perform one […]

GDPR Templates to Comply with the GDPR

Is One GDPR Policy Template Enough? The GDPR has now been in force in the UK since 2018. However, there are still hundreds of new and existing businesses who need to comply with the UK’s data protection framework. Unfortunately, it is not as simple as drafting one GDPR Policy! A suite of data protection policy […]

Sample Cookie Policy Template

Writing a Sample Cookie Policy This article goes through the main headings and sections of a sample cookie policy template. However, it is not a complete Cookie Policy Template and should be used to write your own cookie notice. Read through the ICO guidance pages on PECR if you are unsure of your cookie law […]

Update Your International Data Transfer Policy

Transfers of personal data outside the UK have changed since Brexit. Likewise, with the introduction of the International Data Transfer Agreement (IDTA), it is essential that you update your international data transfer policy. Read this article to find out how and why. Transfers of Personal Data Outside the UK Article 44 of the UK GDPR […]

Anti Money Laundering Policy Template for Accountants

Compliance with the MLR and HMRC Those in the accountancy sector are required to comply with the Money Laundering Regulations (MLR) in the UK. This includes accountants, tax advisers, bookkeepers and insolvency practitioners. Having an effective and compliant Anti Money Laundering Policy template can save time and money. Anti money laundering is an extensive compliance […]