Search Results for: gdpr
Under the General Data Protection Regulation (GDPR), organisations must create a data retention policy to help them manage the way they handle personal information. If you keep sensitive data for too long – even if it’s being held securely and not …
Perhaps the most widely discussed set of compliance requirements within the GDPR (General Data Protection Regulation) are those found in Article 32. That’s because it contains the measures that organisations must implement to prevent cyber attacks and data breaches. In …
If you’re transferring data outside of the EEA, the GDPR (General Data Protection Regulation) imposes some restrictions. These apply to all data transfers, no matter the size of the transfer or how often you carry them out. So how do you …
In the second quarter of 2020, data protection bodies across Europe issued at least 46 administrative fines under the GDPR (General Data Protection Regulation), with the penalties totalling nearly €2.9 million (£2.6 million). This is a sharp decrease on Q1, …
What is the GDPR? A quick overview The GDPR (General Data Protection Regulation) came into effect on 25 May 2018, and was designed to strengthen the rights of EU residents regarding the way organisations process and use their personal data. …
The General Data Protection Regulation (GDPR) grants data subjects the right to access any personal data an organisation holds on them. This is known as a data subject access request (DSAR). DSARs are not a new concept, but the GDPR introduced several changes …
The measures we all must take to slow the spread of COVID-19 will inevitably cause disruption for most organisations. Reducing the impact on your business is paramount. One area you might not have considered is how to maintain compliance with …
First published June 2018. Last updated March 2020. Under the EU GDPR (General Data Protection Regulation), you need to identify a lawful basis before processing personal data. But what is a lawful basis for processing? Do you always need individuals’ …
The GDPR (General Data Protection Regulation) gives individuals more control over how their personal data is used. If your organisation processes personal data, the Regulation requires you to provide data subjects with certain information. This typically takes the form of a data privacy …
The first 72 hours after you discover a data breach are critical. Why? The GDPR (General Data Protection Regulation) requires all organisations to report certain types of personal data breach to the relevant supervisory authority. More specifically, Article 33 says that, in the event …
