Blog

In recent news, cyber-attacks have been a major topic of concern across the UK and indeed the globe. The Information Commissioner’s Office (ICO) have just announced a huge fine of £60,000 to an SME who was a victim of a cyber-attack, for not complying with data protection legislation. After an investigation, the ICO found Berkshire-based, Boomerang Video Ltd failed to take simple steps to prevent its website from being attacked. The video game rental business, was the victim of a cyber-attack in 2014, commonly known as the SQL injection attack. Due to a lack of cyber security 26,331 customers had …

As an employer, it is your responsibility to conform with the Data Protection Act to ensure your employees’ data is protected. Human resources should take great care in the transmission and disposal of employee data. In September 2016 Sports Direct were the victims of a cyber-attack, compromising the data of 30,000 employees. Not only were the hackers able to access names, emails, addresses and telephone numbers of these employees, the company failed to inform their employees of the attack, leaving them unaware of their personal data being compromised. We would like to share with you our advice for handling personal …

The GDPR is just around the corner. The European Union’s General Data Protection Regulation comes into effect on the 25th May 2018, which may sound like a long time away, but like everything, it all comes around sooner than you think. Brussels have now given businesses all over the UK, yet another reason to be prepared for EU General Data Protection Regulation, after they reveal a plan to launch a huge marketing campaign telling consumers about the new regime. What’s the campaign about and why should you be prepared? With less than a year to go, there is no time …

Happy New Year to you all, I cannot believe that another year has been consigned to the annals of history. However, more of a concern is the future and that we now only have 507 days until Friday May 25 2018, which is the day that the GDPR comes online; and this figure includes weekends, high-days and holidays! It is going to take most organisations a minimum of 12 months to gain compliance with the new Regulations, and we are here ready and waiting to make that journey with you and take some of the strain and pain away. On behalf of …

Over the past year we have become increasingly busy and sadly this blog has been neglected, for which I am sorry. I post daily news and items on our LinkedIn Group  Data Protection 4U and you can read all about the latest news, developments and insight on Data Protection, Governance, Compliance and Cyber-Security in that group. Join us today and stay in touch with all of the latest information. Visit LinkedIn Group

We have all had experiences of websites where details of how they will use your personal information is buried with pages and pages of privacy polices. This is unfair on the Data Subject and risky for the company concerned as consent and permissions obtained under these conditions cannot be relied upon. With the new EU General Data Protection Regulations (GDPR) on the horizon the ICO is recommending a more transparent approach to privacy notices and started a consultation to obtain the views of privacy experts, businesses and members of the public. Have your say now – you have until the 24th March 2016 to offer your views. …

Merry Christmas from all of us at Griffin House Consultancy and may your 2016 be awesome. Here are our office hours for the festive season Last wording day: Tuesday 22nd December 2015 Office Closed: 23rd December – 3rd January Office reopens: Monday 4th January 2016

On the 15th December 2015 the EU Parliament and Commission agreed the text of the European Commission EU Data Protection Reform proposed in 2012 It has been a long time coming with much argument, but the final text has been agreed, and expected to be signed off next week. Below is the latest information we have on the actual content of the new Regulations. The Reform consists of two instruments: The General Data Protection Regulation will enable people to better control their personal data. At the same time modernised and unified rules will allow businesses to make the most of the opportunities …

The UK is seeing an explosion in the use of Dashboard Cameras and we have been asked a few times what is the position with regards to the Data Protection Act. There is very little guidance out there and so thought that the following advice might be useful. Firstly, dashboard cams are not classed as CCTV as they are not fixed and focused on monitoring a specific area, and so not covered within the ICO’s CCTV Code of Conduct. Just as you can whip out your iPhone and record as you drive along, well, as long as you are not the …