Tag: data protection service

Tag: data protection service

Morrisons NOT vicariously liable for employee data protection breach says UK Supreme Court
01/04/2020 CISO Blog, DPO Blog, Security Advisory Blog EditoratLarge

Firstly – This is legal information of general interest and does not constitute legal advice of any kind. On April 1, 2020, the UK Supreme Court today handed down their judgement in the case of WM Morrisons Supermarkets plc (Appellant) v Various Claimants (Respondent), case UKSC 2018/0213. The Supreme Court unanimously ruled that Morrisons were not

Read More
CCPA & GDPR: Two Nations Divided by a Common Language
15/07/2019 DPO Blog, Security Advisory Blog EditoratLarge

With six months to go before the California Consumer Privacy Act CCPA goes live in California, it seems we are progressively moving towards common ground when it comes to international privacy law…or are we…?

Read More
Data Protection – ‘The Knowledge’​ – Is your DPO incompetent?
03/07/2019 DPO Blog EditoratLarge

This article looks at the different approaches organisations can take when assessing the competence of potential DPO candidates.

Read More
GDPR Process Inventory – 7 items to record
12/04/2018 DPO Blog EditoratLarge

As a Controller, it is pretty challenging to meet the requirements of GDPR without great records detailing where, what and how personal data is processed. If you’re an organisation with more than 250 employees, there is a requirement to document your processing activities (See Article 30) but if you’re one of those organisations with less than 250 people, then you have a [partial] get-out-of-jail card. The thing is, even if it’s not mandatory, it’s still incredibly useful to document processing activities. This will help you comply with all the other aspects of GDPR you are still ‘on-the-hook’ for. In this brief article, we will look at 7 items which all organisations – small or big – should (or in certain cases must) include in an inventory of their processing activities.

Read More
GDPR – 7 Things encryption won’t solve
10/02/2018 DPO Blog, Security Advisory Blog EditoratLarge

There are lots of reasons to use encryption and other cryptographic techniques when it comes to mitigating the risks associated with protecting the rights and freedoms of Data Subjects under GDPR. There are however a lot of things that encryption won’t solve too. In this brief article, we will look at 7 of those things encryption is just never going to solve.

Read More