More From Legal & Regulations – Page 20
-
FeatureThe data protection directive versus the GDPR
When the General Data Protection Regulation (GDPR) takes effect, it will replace the Data Protection Directive (DPD) – becoming enforceable by May 25, 2018. The following is a detailed explanation of the differences between the DPD and the GDPR.
-
FeatureWhat does GDPR mean for the recruitment industry?
Though data breaches may grab the most headlines, becoming GDPR compliant goes much broader than just taking them more seriously.
-
FeaturePersonal data breaches: the responsibility of the data processor
One of the aims of GDPR is “accountability” and this is emphasised when it comes to personal data breaches – that is breaches of security which lead to damage. The potential damage is clearly illustrated in Recital 85 of the GDPR to include “discrimination, identity theft or fraud, financial loss, unauthorised reversal of pseudonymisation, damage to reputation, loss of confidentiality”.
-
FeatureHow do business cards sit with GDPR?
Think back to the last business event you attended. You likely met new contacts and at some point may have said, “Here, drop me a line,” reaching into your pocket to produce your details embossed on a flashy, tactile card.
-
FeatureGDPR and Google Analytics
Many businesses use Google Analytics as their only web analytics tool and are very happy with it.
-
FeatureOpen banking and GDPR, is there a clash?
Open banking is here, that means you can give third parties access to the data held about you by your bank. GDPR is to be enforceable come May of this year, this regulation protects customer privacy. But is there a clash between the two regulations?
-
FeatureBalancing a warm corporate welcome and GDPR
Worth £193bn annually to the UK economy, face-to-face business remains king, so how can UK organisations strike the right balance between a smooth check-in for visitors and meeting the forthcoming GDPR requirements?
-
FeatureFive added benefits of GDPR compliance
The General Data Protection Regulation (GDPR) will bring about a massive overhaul in data protection laws for EU citizens when it goes into effect on May 25, 2018.
-
FeatureHow can schools ensure they are GDPR compliant?
The new GDPR (General Data Protection Regulation) is replacing the current Data Protection Act (DPA) and is set to strengthen and unify all data held within an organisation.
-
FeatureGDPR: What can you prove?
Within the immense framework that is GDPR, there is one clause that invokes a topic in the security community that is particularly interesting, though not very much fun: audit logging. When you read Article 30 that covers “Records of Processing” you see that data processors and controllers need to be able to show how and when data was processed and be able to prove it. Typically this comes in the form of some type of application or security log that provides an audit trail of the actions taken against data from the time of its creation to its erasure.
-
FeatureGDPR Subject Access Requests
Handling subject access requests (“SAR”) effectively and within the legal timeframe remains a challenge for many employers especially where SARs are becoming increasingly onerous
-
FeatureDealing with subject access requests under GDPR
Under the new General Data Protection Regulation (“GDPR”), which will come into force on 25 May 2018, individuals will benefit from heightened rights in terms of their ability to request and access personal data from any entities holding such data about them.
-
FeatureElizabeth Denham’s Full Speech on Cyber Security and Data Protection
Elizabeth Denham, UK Information Commissioner, ICO talked about how cyber security and data protection are inextricably linked in her speech at the CBI Cyber Security Conference on 13 September 2017.
-
FeatureHow to manage a GDPR project
Compliance with the GDPR is likely to be a key project for many companies, especially the far reaching nature of the requirements under the GDPR and potential fines for non-compliance of up to 4% of annual worldwide turnover.
-
FeatureThe five essentials of data access control
Organisations now have under a year to prepare for the introduction of the general data protection regulations. One action that needs to be prioritised is establishing clear and secure user access to any data that the organisation holds.
-
FeatureGDPR compliance: Where does the responsibility lie?
The natural assumption ahead of GDPR implementation is that businesses and service providers have, or are, taking steps to ensure that their systems and processes are compliant.
-
FeatureGDPR: What landlords and letting agents need to know
Data protection is about to change dramatically with the introduction of the GDPR, and the housing sector needs to be aware of the implications.
-
FeatureGDPR and storage limitation: time to update your data retention policy?
The gist of the storage limitation principle under the General Data Protection Regulation (“GDPR”) (Art 5(1)(e)) isn’t materially different to the existing principle under the Data Protection Directive. In a nutshell, personal data should not be retained longer than necessary, in relation to the purpose for which such data is processed.
-
FeatureGuidelines and consequences for non-compliance
Even though enforcement doesn’t begin until May 2018, there are some key questions every organisation should be asking itself as the enforcement day approaches.
-
FeatureFive ways technology accelerates GDPR compliance
You may already be familiar with the GDPR. Indeed, you may be working right now on a compliance strategy to target the Regulation. Or maybe there’s still a lot of work to be done: research last year indicated that just 46 percent of organisations are highly confident that they’ll be ready by the implementation date and 88 percent report technological challenges.