EU GDPR Archive
A data flow is the transfer of information from one location to another – for example, from suppliers and sub-suppliers through to customers. It’s essential that organisations map these flows in order for them to keep data secure and meet …
As part of your GDPR (General Data Protection Regulation) compliance project, your organisation must understand what personal data it processes. To help you do this, you must create a data flow map. A data flow map shows how your organisation’s data and information …
Personal data is the lifeblood of many organisations, but it is becoming increasingly important to manage the way that information is used. Organisations that fail to do so risk data breaches, reputational damage, lost time and financial repercussions. This is …
Sensitive data is one of an organisation’s most important assets, so it makes sense that you prioritise its security. Information security is “the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction” of sensitive records. This …
Third-party suppliers are a common source of confusion for organisations considering their GDPR (General Data Protection Regulation) compliance requirements. When the Regulation was first introduced, the issue of third-party suppliers and their relation to organisations’ own GDPR compliance received a …
As part of your GDPR (General Data Protection Regulation) compliance project, you must be able to understand what personal data you process. Specifically, Article 30 states that you must “maintain a record of processing activities under responsibility”. To achieve …
It’s been two years since the GDPR (General Data Protection Regulation) took effect, and despite many people saying it was a lot of fuss over nothing, it has had a significant effect on the way organisations operate. For one, DSARs …
Before beginning your data mapping exercise, you need to identify the personal data you hold. Personal data is any information that can directly or indirectly identify a natural person. The GDPR (General Data Protection Regulation) places much stronger controls on the …
The concepts of data privacy and data security might sound similar, but each involves a totally different set of processes and skills for comprehensive data governance. Data privacy relates to the protection of PII (personally identifiable information) – payment card …
You won’t get far with your GDPR (General Data Protection Regulation) compliance activities if you don’t know what’s considered personal data. But it’s not as simple as identifying whether the information you’re processing is in the Regulation’s scope, because the …
