Data leaks are a serious problem for organisations and individuals. In this day and age, individuals freely provide personal information to organisations, so a data leak can have a significant impact on both the company and the person. Leaks often involve the exposure of personal data (such as name, address and financial details), with additional damage to the company or organisation in terms of potential financial loss and reputational damage.
In our recent article, the Ultimate Guide to Website Cookies, we set out what cookies are and why you need to know about them when it comes to complying with legislation and regulation.
When people think about the causes of a data breach, the first thing to come to mind will almost certainly be hacking. However, not all breaches are a direct result of illegal activities by external sources; some can happen accidentally. Therefore, in order to ensure your cyber security and data protection measures are as robust as possible, it’s important to first understand the different types of breaches that can occur.
In this article, we will explain what an ICO reprimand is and highlight different examples of data protection breaches and how the organisations have been reprimanded.
We also want to offer various ways to ensure that you and your staff are as informed as possible, so that you avoid data breaches and escape being reprimanded.
When visiting a website, more often than not, you are presented with the option of accepting cookies before you are able to browse what it is you are looking for. In 2011, changes in UK and EU legislation made it a legal requirement for websites to implement the ePrivacy Directive when obtaining user consent for the purpose of cookies.
Most UK business owners and organisations are familiar with UK GDPR but many won’t have had experience with personal data laws in other countries. We know that the business world holds no limits when it comes to distance and that international data transfers are happening more frequently.
Data breaches are a serious problem in the digital age, and can have far-reaching implications for both individuals and businesses. A data breach is one of the most severe forms of security threat and can lead to information theft, financial damage, and reputational damage. Identifying when you’ve suffered a data breach is essential for taking action to protect your assets, reputation, and customers. But how exactly do you know when you’ve suffered from one?
The Data Protection and Digital Information (DPDI) reform bill was initially proposed in July 2022 but was paused in September 2022. The revised draft was submitted to Parliament on 8th March 2023. In this article, you will learn what the changes are and what those changes mean for businesses and Data Subjects. You can also watch our free webinar below.
When you consider the kind of data that is collected across different organisations, it is obvious why it is so important that data is protected. Addresses, medical history, date of birth and credit history are just some of the types of personal data that are stored and protected under GDPR and measures are put in place to prevent data leaks.
The Information Commissioner’s Office has recently called for accountants to play their role in SMEs' data protection compliance. For a lot of accountants, this news has not gone down well, as many do not believe that it is their role or responsibility to talk to their clients about GDPR, particularly as it is not generally their area of expertise. Interestingly, the ICO did not contact any accountants to get their view on this proposal.
The role of a data protection officer (DPO) is to ensure that an organisation complies with the requirements set out by the General Data Protection Regulation (GDPR). They will oversee an organisation’s data protection strategy and implementation. Their roles and responsibilities are very clearly stipulated in GDPR and, in some instances, organisations are required to appoint a DPO.
A DPIA, or Data Protection Impact Assessment, is a mandatory process that assists organisations with identifying potential risks that come with data processing and how that may affect an individual’s freedoms and rights.
There must be a consideration of how those risks can be reduced or eliminated through the necessary measures. DPIAs have been mandatory in certain circumstances since 25th May 2018, which is when GDPR came into effect.