Blog

If you’re still worried about GDPR compliance then you’re not alone. With so many areas to cover and keep updated, it’s no wonder that so many companies are feeling overwhelmed. If you’re a small to medium sized organisation, it’s particularly important to ensure you’re protecting your company and your clients from a data breach. You are most at risk of an expensive error harming your company and reputation. So, to help assist you in assessing your compliance, we’ve put together some tips to not only increase your confidence in GDPR compliance, but to ensure that any personal client information is …

The end of PPI calls Personal protection insurance (PPI) has become something of a nuisance term over the past few years. Almost every adult you speak to will have experienced a nuisance call regarding PPI, often from companies who are not legitimate. In fact, The Financial Conduct Authority found that in the last 12 months, approximately 2.7 billion unsolicited calls, texts and emails were made in the UK. This adds up to approximately 50 calls, texts or emails being made to every member of the adult population in the country, regarding PPI. Well, these cold calls are now banned in …

There has been so much attention regarding the GDPR recently, but one element that hasn’t been in the limelight very much is that of the data protection fee, and the potential (likely) need to register with the ICO. This is not new, although it is slightly different to the requirements of the Data Protection Act 1998.  It was always the case that if you processed data, you should have registered, although evidence showed that not all organisations who should have registered, did. Have you registered? The rules now state that every organisation that processes personal information is required to pay …

The potential financial penalties that can arise from a serious data breach have been well publicised with the introduction of the GDPR in May this year. Non-compliance brings a risk of fines up to €20 million or 4% of annual turnover, whichever is greater. This is a significant amount of money and the impact on most businesses would likely be catastrophic.  But there is no need for panic.  These are maximum amounts and the ICO has the capacity to impose smaller fines, in keeping with the nature of the breach, or even non-financial actions such as warnings and reprimands. However, …

This does seem at first glance to be an unlikely notion.  Usually, when we think of a data breach, we think of reputations being damaged, with nothing enhanced. However, when you think about it for a moment, there are benefits to be found and these should be seized upon. An ‘incident’, which is any potential breach, needs to be recorded internally and investigated.   Once a ‘failure’ or ‘weakness’ is made apparent, whilst it can be a shock, this should be welcomed as an opportunity for improvement.  If you don’t know something is wrong, you can’t fix it.  Once you know, …

The EU-US Privacy Shield was designed by the US Department of Commerce and the European Commission. Its aim is to provide companies on both sides of the Atlantic with “a mechanism to comply with data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce”. It has been in place since July 2016, however, it has now hit a stumbling block.  MEP’s have stated that due to a number of issues, they believe that the Privacy Shield is now not compliant with the latest EU data protection legislation. On the 4th July …

Another week, another data breach. This time it is Dixons Carphone who are in the spotlight after an incident occurred which involved the data of nearly 6 million customers being compromised. This episode has been branded as one of the UK’s biggest data breaches at a single firm and Dixons Carphone have since seen a 6% drop in share price following the attempted hack which involved unauthorised access to 5.9 million customers’ bank cards. Dixons Carphone have since said they identified the huge breach during a review of their data and systems. Data that was left compromised during the hack …

Last month, we saw the arrival of not only the highly anticipated GDPR, but also the new and improved Data Protection Act of 2018. With the combination of both of these new legislations, the UK is being recognised as one of the most advanced data protecting countries in the world. The Data Protection Bill was first spoken about this time last year, and following its journey through parliament, it has now found its place in the UK law as the new Data Protection Act 2018. The previous Data Protection Act of 1998 did not account for the modern internet, technology …

There has been a huge amount of talk regarding data protection and the new GDPR legislation over the last few months as all organisations are under pressure to be totally compliant by the impending deadline: May 25th (that is today!) If you need any information regarding GDPR and how it will change the way in which you can communicate with clients and customers, please visit our blog page where we have several posts discussing this new regulation.   Today, however, we would like to talk to you about accountability. Accountability is a new ‘notion’ in the GDPR, although the ICO …

With every passing day taking us closer to the 25th May, many different organisations are panicking as they desperately try and ready themselves for the new legislation: GDPR. The ICO have put together a very valuable tool – a self-assessment that helps you identify exactly what you have already got nailed down and what you need to work on before the end of the month. The assessment is split into these seven sections: Data Protection Assurance Checklist In this section, the ICO help you identify whether you are a controller or a processor of data, and then information regarding consent …