Neil Ford, Author at IT Governance UK Blog

Coronavirus: maintaining GDPR compliance during the COVID-19 pandemic

Neil Ford 26th March 2020 Uncategorised

The measures we all must take to slow the spread of COVID-19 will inevitably cause disruption for most organisations. Reducing the impact on your business is paramount. One area you might not have considered is how to maintain compliance with …

[Continue Reading...]

GDPR: lawful bases for processing, with examples

Neil Ford 13th March 2020 EU GDPR

First published June 2018. Last updated March 2020. Under the EU GDPR (General Data Protection Regulation), you need to identify a lawful basis before processing personal data. But what is a lawful basis for processing? Do you always need individuals’ …

[Continue Reading...]

2019 end-of-year review part 2: July to December

Neil Ford 30th December 2019 Uncategorised

Welcome to the second part of our round-up of 2019’s information security stories. You can read the first part here >> July The second half of the year began with major data privacy news: the UK’s data protection authority, the …

[Continue Reading...]

British Airways data breach: class action lawsuit approved

Neil Ford 11th October 2019 EU GDPR

The 2018 British Airways data breach was one of the first to occur under the GDPR (General Data Protection Regulation), so the ICO (Information Commissioner’s Office)’s investigation into the incident was seen as a test case. It was therefore unsurprising …

[Continue Reading...]

Medical debt collection agency files for bankruptcy protection after data breach

Neil Ford 20th June 2019 Cyber Security

A US medical bill and debt collection agency has filed for Chapter 11 bankruptcy protection after suffering a data breach that exposed the sensitive personal data of at least 20 million people. Compromised data included names, addresses, dates of birth …

[Continue Reading...]

Weekly podcast: Goodbye!

Neil Ford 14th March 2019 Other Blogs, Podcast

In our last ever podcast, we discuss Citrix’s data breach, the GDPR and cookie walls, data breach notification, and Patch Tuesday. Hello and welcome to the IT Governance podcast for Thursday, 7 March 2019. It’s our last episode, so I …

[Continue Reading...]

Weekly podcast: Reports galore! DCMS, Microsoft and Cisco

Neil Ford 7th March 2019 Podcast

This week, we delve into the government’s FTSE 350 Cyber Governance Health Check report, Microsoft’s Security Intelligence Report Volume 24, and Cisco’s latest Data Privacy Benchmark Study. Hello and welcome to the IT Governance podcast for Thursday, 7 March 2019. …

[Continue Reading...]

Weekly podcast: ICANN, DNS and DNSSEC; credential stuffing; passwords managers; and EDPS report

Neil Ford 28th February 2019 Cyber Security, Other Blogs, Podcast

This week, we discuss ICANN’s warning about DNS attacks, the extent of credential stuffing attacks on the retail sector, password managers’ responses to recent research into security flaws, and the European Data Protection Supervisor’s annual report for 2018. Hello, and …

[Continue Reading...]

Data protection fee: how much must data controllers pay to register with the ICO?

Neil Ford 26th February 2019 Data Protection, EU GDPR

This blog has been updated to reflect industry updates. Originally published 20 June 2018. If you’re classified as a data controller under the GDPR (General Data Protection Regulation), you might have overlooked an important compliance obligation: since 25 May 2018, the …

[Continue Reading...]

Weekly podcast: Mumsnet, OkCupid and Apple

Neil Ford 14th February 2019 Cyber Security, Podcast

This week, we discuss a data breach at Mumsnet, no data breach at OkCupid, and a lawsuit against Apple for implementing security measures. Hello, and welcome to the IT Governance podcast for Thursday, 14 February 2019. Here are this week’s …

[Continue Reading...]

Neil Ford Archive