The GDPR refers to the ‘appropriate technical and organisational measures’ 92 times! This alone emphasises the importance of having these measures in place. But what are they? Unfortunately, the Regulation doesn’t go into any detail about these measures and what exactly they are. Hence the creation of this article.
Article 35 of the General Data Protection Regulation (GDPR) focuses on the Data Protection Impact Assessment (DPIA) and what obligations organisations have in considering and carrying them out.
Where processing is likely to result in a high risk to individuals, an impact assessment is the tool used to protect the individual(s) and their information as far as possible.
Is One GDPR Policy Template Enough? The GDPR has now been in force in the UK since 2018. However, there are still hundreds of new and existing businesses who need to comply with the UK’s data protection framework. Unfortunately, it is not as simple as drafting one GDPR Policy! A suite of data protection policy […]
Transfers of personal data outside the UK have changed since Brexit. Likewise, with the introduction of the International Data Transfer Agreement (IDTA), it is essential that you update your international data transfer policy. Read this article to find out how and why. Transfers of Personal Data Outside the UK Article 44 of the UK GDPR […]
GDPR A3 Posters We have now launched 2 new A3 compliance posters in our comprehensive range. Our GDPR Article 5 Principles & GDPR Consent Posters are available to buy now. Both are avaiable separately, or in our duo set which provides a £4 discount against individual purchases. Our exclusive A3 Compliance Posters support your employees […]
What is A Data Protection Impact Assessment (DPIA)? Data Protection Impact Assessments (DPIA) are a requirement of the UK GDPR. The assessment aids in compliance with the data protection requirements and obligations. It’s aim is to help firms identify the risks associated with data processing and those posed to data subjects. Completing a DPIA is […]
What is Information Security? Given the digital scope of business today, most firms are heavily invested in their Information Security programs and procedures. Ensuring that data, systems and infastructures are safe and secure should be run of the mill and a top priority, regardless of size or sector. Information Security in its broadest sense is […]
PECR Breaches So far throughout 2021/22, the Information Commissioner’s Office (ICO) has issued over £1,700,000 in fines for breaches of direct marketing laws. The ICO has powers under the Privacy and Electronic Communications Regulations 2003 (PECR) which enables them to take action to change the behaviour of anyone who breaches the regulation. The regulator’s enforcement […]