Privacy Archive
When the UK left the EU on 31 January 2020 – sparking a transition period that ends on New Year’s Eve – there were plenty of questions about how organisations would transfer personal data to and from EU member states. …
Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which schools must report breaches to …
The EU GDPR (General Data Protection Regulation) requires certain organisations to appoint a DPO (data protection officer) to help them comply with the Regulation. However, a shortage of DPOs means many organisations are appointing staff to act as DPOs without …
More than two years after British Airways disclosed a data breach affecting 500,000 customers, the ICO (Information Commissioner’s Office) has confirmed that the airline will receive a £20 million fine. That’s substantially less than the £183.4 million penalty that was …
Earlier this year, NHS Digital confirmed that it was extending the 2020/2021 assessment period for DSP (Data Security and Protection) Toolkit until 30 September in light of the COVID-19 pandemic. Organisations now have until March 2021 to achieve compliance. In …
Under the General Data Protection Regulation (GDPR), organisations must create a data retention policy to help them manage the way they handle personal information. If you keep sensitive data for too long – even if it’s being held securely and not …
Organisations have had to get a lot more serious about data processing and information security since the EU GDPR (General Data Protection Regulation) came into effect. For many, that has included the mandatory appointment of a DPO (data protection officer) …
Earlier this year, the ECJ (European Court of Justice) invalidated the EU–US Privacy Shield, ruling that it fails to protect people’s rights to privacy and data protection. It followed heavy criticism from the Austrian privacy activist Max Schrems, who argued …
Data loss refers to the destruction of sensitive information. It’s a specific type of data breach, falling into the ‘availability’ category of data security (the other two categories being ‘confidentiality’ and ‘integrity’). Data can be lost in several ways – …
You can find October 2020’s list of cyber attacks and data breaches here. September saw students around the globe returning to classes, only to be met with an avalanche of cyber attacks. The education sector accounted for 20 of the …
