Archive for the ‘GDPR’ Category

Privacy notice under the GDPR

  A privacy notice is a public statement of how your organisation applies data protection principles to processing data. It should be a clear and concise document that is accessible by individuals. Articles 12, 13 and 14 of the GDPR outline the requirements on giving privacy information to data subjects. These are more detailed and […]

Why your organisation should consider outsourcing its DPO

By Laura Downes. Since the EU’s GDPR (General Data Protection Regulation) came into effect in May 2018, demand for DPOs (data protection officers) has increased. The Regulation stipulates that certain organisations must appoint a DPO to support their GDPR compliance. DPOs also have an essential role as intermediaries between relevant […]

Equifax fined by ICO over data breach that hit Britons

Credit rating agency Equifax is to be fined £500,000 by the Information Commissioner’s Office (ICO) after it failed to protect the personal data of 15 million Britons. A 2017 cyber-attack exposed information belonging to 146 million people around the world, mostly in the US. The compromised systems were also US-based. But the ICO ruled Equifax’s […]

4 bad things happening every minute on the Internet

By Alan Calder. Risk IQ’s Evil Internet Minute infographic tells you the bad things happening every minute on the Internet: 5 successful ransomware attacks; 9 phishing attacks; 1,274 new malware variants; 5,518 records compromised. Any data you look at shows that the scale of ‘Internet evil’ increases every year. The […]

What is ‘privacy by design’?

By Annabelle Graham. Privacy by design is a voluntary approach to projects that promotes privacy and data protection compliance, and helps you comply with the Data Protection Act 1998 (DPA). The Information Commissioner’s Office (ICO) encourages organisations to seriously consider privacy and data protection throughout a project lifecycle, including when: Building new […]

Six Essential Data Protection and Privacy Requirements Under GDPR

By Leighton Johnson, CISA, CISM, CIFI, CISSP. With the advent of the European Union (EU) deadline for General Data Protection Regulation (GDPR) (EU 2016/679 regulation) coming up on 25 May 2018, many organizations are addressing their data gathering, protection and retention needs concerning the privacy of their data for EU citizens and residents. This regulation […]

How ISO 27001 can help to achieve GDPR compliance

By Julia Dutton. Organizations have until 25 May 2018 to comply with the EU General Data Protection Regulation (GDPR). Those who have studied the Regulation will be aware that there are many references to certification schemes, seals and marks. The GDPR encourages the use of certification schemes like ISO 27001 to serve the purpose of demonstrating that the organisation is actively […]

GDPR essentials and how to achieve compliance

The GDPR will replace these with a pan-European regulatory framework effective from 25 May 2018.  The GDPR applies to all EU organizations – whether commercial business or public authority – that collect, store or process the personal data (PII) of EU individuals. Organizations based outside the EU that monitor or offer goods and services to […]

Data flow mapping under the EU GDPR

As part of an EU General Data Protection Regulation (GDPR) compliance project, organisations will need to map their data and information flows in order to assess their privacy risks. This is also an essential first step for completing a data protection impact assessment (DPIA), which is mandatory for certain types of processing. The key elements of […]

GDPR Documentation Toolkit and gap assessment tool

Use this gap assessment tool to: quickly identify your GDPR compliance gaps; plan and prioritize your GDPR project. EU GDPR Compliance Gap Assessment Tool. Accelerate your GDPR compliance implementation project with the market-leading EU GDPR Documentation Toolkit used by hundreds of organizations worldwide, now with significant improvements […]

EU GDPR: Does my organization need to comply?

By Chloe Biscoe. The General Data Protection Regulation (GDPR) is a new law that will harmonize data protection in the European Union (EU) and will be enforced from May 25, 2018. It aims to protect EU residents from data and privacy breaches, and has been introduced to keep up with the modern digital landscape. Who […]
