EU GDPR Archive
Third-party suppliers are a common source of confusion for organisations considering their GDPR (General Data Protection Regulation) compliance requirements. When the Regulation was first introduced, the issue of third-party suppliers and their relation to organisations’ own GDPR compliance received a …
As part of your GDPR (General Data Protection Regulation) compliance project, you must be able to understand what personal data you process. Specifically, Article 30 states that you must “maintain a record of processing activities under responsibility”. To achieve …
A data flow map is a diagram that shows how sensitive information moves between one part of your organisation and another. For example, you might collect user information through a survey, which is then funnelled into a database used by …
It’s been two years since the GDPR (General Data Protection Regulation) took effect, and despite many people saying it was a lot of fuss over nothing, it has had a significant effect on the way organisations operate. For one, DSARs …
Before beginning your data mapping exercise, you need to identify the personal data you hold. Personal data is any information that can directly or indirectly identify a natural person. The GDPR (General Data Protection Regulation) places much stronger controls on the …
The concepts of data privacy and data security might sound similar, but each involves a totally different set of processes and skills for comprehensive data governance. Data privacy relates to the protection of PII (personally identifiable information) – payment card …
You won’t get far with your GDPR (General Data Protection Regulation) compliance activities if you don’t know what’s considered personal data. But it’s not as simple as identifying whether the information you’re processing is in the Regulation’s scope, because the …
Law firms are likely to have a higher information risk profile compared to organisations in many other sectors – and this needs to be managed accordingly. The question is – how?
Data protection is a major concern for organisations large and small. Recent announcements by the UK data protection authority, the ICO (Information Commissioner’s Office), of significant penalties for British Airways (more than £183 million) and Marriott (more than £99 million) …
So, you’re a small business or start-up. You know that you need to comply with the EU GDPR (General Data Protection Regulation), because you process EU residents’ personal data, but the trouble is, you don’t know where to begin. We’ve …