More from Governance, Risk and Compliance – Page 100
-
Feature: GDPR deep dive: how to implement the ‘right to be forgotten’
For banks and other financial institutions one of the key challenges of GDPR will be how to implement the right to erasure (a.k.a. the right to be forgotten).
-
Feature: What do healthcare organisations need to consider when preparing for GDPR?
As we know, the new rules brought in by GDPR will reinforce current legislation with the addition of some new requirements. Any organisation, including those in the healthcare sector, controlling or processing personally identifiable data will need to comply with GDPR.
-
Feature: GDPR: Changing the ways businesses interact with their customers
From 25 May 2018 the Data Protection Act 1998 (DPA) will be replaced by The General Data Protection Regulation (GDPR), and it will bring important changes to the ways data is stored and processed by businesses.
-
Article: GDPR and PECR for marketers
Data protection and marketing are so closely interconnected that no marketing plan involving data can move forward without getting data protection right. GDPR – General Data Protection Regulation – and PECR – Privacy and Electronic Communication Regulations – are regulations concerning data protection that marketers must familiarise themselves with.
-
Feature: Why all teachers and staff must be ready for GDPR
Schools have their own special set of challenges when preparing for GDPR and imminent EU rules will radically change the way all organisations have to look after personal data.
-
Q&A: Here are the answers to the most frequently asked questions about GDPR
The most pressing questions asked around the General Data Protection Regulation (GDPR)
-
Feature: The data protection directive versus the GDPR
When the General Data Protection Regulation (GDPR) takes effect, it will replace the Data Protection Directive (DPD) – becoming enforceable by May 25, 2018. The following is a detailed explanation of the differences between the DPD and the GDPR.
-
Feature: What does GDPR mean for the recruitment industry?
Though data breaches may grab the most headlines, becoming GDPR compliant goes much broader than just taking them more seriously.
-
Feature: Personal data breaches: the responsibility of the data processor
One of the aims of GDPR is “accountability” and this is emphasised when it comes to personal data breaches – that is breaches of security which lead to damage. The potential damage is clearly illustrated in Recital 85 of the GDPR to include “discrimination, identity theft or fraud, financial loss, unauthorised reversal of pseudonymisation, damage to reputation, loss of confidentiality”.
-
Feature: GDPR and the information lifecycle
I’m keen to change the perception that General Data Protection Regulation (GDPR) will act as a drag on organisations. I also want to avoid others falling into the trap of thinking the only inducement for an organisation to comply is to avoid a fine.
-
Feature: How do business cards sit with GDPR?
Think back to the last business event you attended. You likely met new contacts and at some point may have said, “Here, drop me a line,” reaching into your pocket to produce your details embossed on a flashy, tactile card.
-
Feature: Don’t let your cache be your GDPR weak point
Every system has its weak point. Remember when Luke Skywalker bulls-eyed a small thermal exhaust port with proton torpedoes, causing a chain reaction that blew up the Death Star? Okay, it’s an extreme (and fictitious) example. However, it reminds us that we must be vigilant about protecting small parts of our IT infrastructure, including the cache.
-
Feature: GDPR and Google Analytics
Many businesses use Google Analytics as their only web analytics tool and are very happy with it.
-
Feature: Open banking and GDPR, is there a clash?
Open banking is here, which means you can give third parties access to the data held about you by your bank. GDPR is to be enforceable come May of this year; this regulation protects customer privacy. But is there a clash between the two regulations?
-
Feature: Balancing a warm corporate welcome and GDPR
Worth £193bn annually to the UK economy, face-to-face business remains king, so how can UK organisations strike the right balance between a smooth check-in for visitors and meeting the forthcoming GDPR requirements?
-
Feature: Five added benefits of GDPR compliance
The General Data Protection Regulation (GDPR) will bring about a massive overhaul in data protection laws for EU citizens when it goes into effect on May 25, 2018.
-
Feature: How can schools ensure they are GDPR compliant?
The new GDPR (General Data Protection Regulation) is replacing the current Data Protection Act (DPA) and is set to strengthen and unify all data held within an organisation.
-
Feature: GDPR: What can you prove?
Within the immense framework that is GDPR, there is one clause that invokes a topic in the security community that is particularly interesting, though not very much fun: audit logging. When you read Article 30 that covers “Records of Processing” you see that data processors and controllers need to be able to show how and when data was processed and be able to prove it. Typically this comes in the form of some type of application or security log that provides an audit trail of the actions taken against data from the time of its creation to its erasure.
-
Feature: GDPR Subject Access Requests
Handling subject access requests (“SAR”) effectively and within the legal timeframe remains a challenge for many employers, especially where SARs are becoming increasingly onerous.
-
Q&A: Can employers legally monitor employees’ emails at work?
This year we have seen a high profile European court case and new guidance from the Article 29 Working Party (the data protection advisory body made up of representatives from the data protection authorities in each EU Member State) (“29 WP”) confirming the legal position and providing guidance on monitoring employees at work.



