Information Security Policy Template

There has never been a more important time to ensure that your Information Security program is compliant, robust and effective. With more and more employees working remotely and the far-reaching connectivity of the digital age, securing systems, data and processes is an essential business practice. Whether you are looking to gain certification in schemes […]

Does the UK GDPR Apply to You?

Now that the UK has left the EU and the transition period is over, some UK businesses are understandably confused by how the GDPR applies to them and what changes have been made. Having a robust and compliant data protection framework in place is not only mandatory for those processing personal data, but it is […]

Post Brexit, UK-GDPR & Data Protection

As the UK has written the EU GDPR into UK law (UK-GDPR) to be read alongside the DPA18, much of the former Regulation on data protection still applies as written to those processing personal data within the UK. The main area causing some confusion is GDPR Chapter V (Art. 44-50) on transfers of personal data […]

Data Protection Act 2018 (DPA18) Policies

Both the GDPR and the UK’s Data Protection Act 2018 (DPA18) have now been in force since 25th May 2018, bringing with them stronger protections for individuals and their personal data. Much of the DPA18 writes the GDPR into UK law and provides additional rules and requirements for derogations and exemptions. It also contains requirements […]

GDPR Audit Checklist

The General Data Protection Regulation (GDPR) and Data Protection Act 2018 were enforced from 25th May 2018, introducing stronger, tighter controls & measures for protecting personal data and the rights of individuals. Our extensive GDPR/DPA18 Audit Checklist has over 140 assessment questions and enables you to assess, review and evidence your data protection compliance and commitment […]

Experian Data Protection Breaches

The Information Commissioner’s Office (ICO) have conducted a two-year investigation into the handling and use of personal data held by the 3 main credit reference agencies, Experian Limited, Equifax and TransUnion. The ICO found data protection breaches within all 3 agencies citing “significant ‘invisible’ processing took place, likely affecting millions of adults in the UK”. […]

Data Protection Impact Assessment GDPR

What Are DPIAs? Article 35 of the General Data Protection Regulation (GDPR) focuses on the Data Protection Impact Assessment (DPIA) and what obligations organisations have in considering and carrying them out. The ICO and The Article 29 Working Party (WP29) have also created guidelines and publications on impact assessments, with the latter citing the definition […]

GDPR/DPA18 Accountability Self Assessment

The GDPR (and the DPA18 which writes this Regulation into UK law) sets out under Article 5 the principles that relate to the processing of personal data. These principles can be condensed into: lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality. Paragraph 2 of Article 5 states […]

GDPR Compliance | GDPR & Brexit

Will the UK have a deal with the EU before October 31st? As of writing this post the answer is still uncertain and so it is essential that firms of all sizes with obligations under the GDPR ensure that they are fully compliant with the Regulation. The UK Government have already confirmed that the GDPR […]