Posts tagged [data security]


  • GDPR enforcement begins – fines from the ICO and CNIL

    So it’s begun. The GDPR has been in effect for more than a month. While that’s not really enough time to be able to gather meaningful data on what’s being done, we can certainly gain some insight and learn a bit from actions being taken by supervisory authorities like the UK’s Information Commissioner’s Office (ICO), France’s National Commission on Informatics and Liberty (CNIL) and the Austrian Data Protection Authority (DSB).

  • When a DPIA is necessary – the Irish perspective

    Under the GDPR each supervisory authority has to prepare and submit to the European Data Protection Board (EDPB) a list of processing operations that require organisations to conduct Data Privacy Impact Assessments (DPIA).

  • ICO provides guidance and awareness resources as deadline looms

    With the GDPR and the UK data protection law coming into effect in less than 10 days, I thought it was important to reflect both on Elizabeth Denham’s recent speech at the IAPP and the Regulatory Action Policy that was released by the Information Commissioner’s Office on May 4.

  • Why businesses should stop complaining about GDPR compliance

    Organisations in Europe and beyond are gearing up to become GDPR compliant, but many are doing so begrudgingly when in fact the exercise should be looked at in a positive light.

    The GDPR provides organisations with an opportunity to develop a new philosophy about data governance. It’s a development that will protect your and my personal information from misuse and abuse.

  • Demonstrate compliance with your records of processing activities report

    The GDPR is clear:

    In order to demonstrate compliance with this regulation, the controller and processor should maintain records of processing activities under its responsibility. Each controller and processor should be obliged to cooperate with the supervisory authority and make those records, on request, available to it, so that it might serve for monitoring those processing operations.

  • Yes, the GDPR is a good thing for your business

    There’s been a lot of FUD around the GDPR – Fear about what it’s going to cost to become compliant and what it’ll cost you in fines if you don’t, Uncertainty about how it applies to your particular organisation and how to go about becoming compliant, and Doubt about whether, after all this expense and trouble, it’s going to be of any benefit to your business.

  • GDPR is a marathon not a sprint

    With all the hype about May 25, many organisations are seeing the date as a GDPR deadline. But it’s not. The implementation date is the starting line for ongoing compliance with the EU’s new data privacy regulation. From this date forward, organisations are expected to be able to show they have systems in place that will continue to meet GDPR compliance

  • What does Uber’s breach tell us about the GDPR and data security?

    It’s crime enough that hackers stole from Uber the personal information of millions of drivers and passengers, but concealing the breach, as Uber did for more than a year, would also be a serious transgression of the law under the European Union’s new General Data Protection Regulation (GDPR) which comes into effect in May 2018.

  • Not started with the GDPR? No GDPR compliance plan? GDPR365 to the rescue!

    You must know about the GDPR by now. The European Union’s new General Data Protection Regulation. And that organisations have to become compliant with it by May 2018 or expose themselves to the risk of hefty fines.

    Recent research by multinational software corporation CA Technologies indicates that with little more than six months from the GDPR coming into force, less than half of all organisations have a compliance programme in place.

  • Breach and loss going up. Next stop GDPR

    Data breaches have been striking businesses worldwide, with the most alarming incidents occurring over the past two years and many more not even being reported. 

  • GDPR : Who’s most at risk and what’s the risk?

    Facebook is under pressure as a result of a €1.2-million fine by the Spanish Data Protection Authority for not adequately collecting the consent of its users and non-users. This infringement of data privacy is the second in a matter of months, following a €150 000 fine from the French privacy regulators for a violation along similar lines.

  • Equifax hack makes you ask: are US organisations ready for the GDPR?

    On 7 September The Washington Post reported that a security breach at Equifax, a US credit rating bureau, resulted in hackers gaining access to personal data belonging to an estimated 143 million individuals. Apparently, the breach was due to an 11-year-old website application flaw that compromised the personal information of not only Americans, but British and Canadian consumers.

    Amongst the stolen personal data are names, driver’s license details, credit card numbers, social security numbers and birth dates – basically the key ingredients for identity fraud.
