GDPR and Data Privacy Free Resources

 

Bell Educational Services Ltd

Discover how this educational charity implemented a privacy compliance framework aligned to BS 10012 using IT Governance’s consultancy services.

Download now

Carlsberg

Download the full case study to find out how Carlsberg’s bespoke e-learning programme solution helped it comply with the GDPR. 

Download now

London-based start-up

This case study details how a London-based start-up was assessed by IT Governance and given an action plan to achieve and maintain compliance with the GDPR and DPA 2018.

Download now

 

A Beginner's Guide to the Data Protection Officer (DPO)

Under the GDPR, many organisations are required to appoint a DPO. Are you one of them? Find out what the DPO does, if you need to appoint one and how to fill the role in this easy-to-read green paper.

Download now

A Concise Guide to Data Protection Impact Assessments (DPIAs)

This paper explains exactly what DPIAs are, why and when you need to conduct them, and offers a straightforward approach that you can tailor to your needs in order to conduct your assessments efficiently, effectively and in line with the law.

Download now

A Concise Guide to Data Subject Access Requests (DSARs)

This free paper explains how to manage data subjects' rights in line with the GDPR and clarifies the new obligations for organisations.

Download now

Appointing an EU Representative – What UK organisations need to know

Now that the UK has left the EU, organisations must appoint an EU representative, or risk significant financial penalties. Download this paper to discover who needs a representative and how they are designated.

Download now

BS 10012:2017 – An introduction to personal information management systems

Get to grips with what BS 10012 is and discover the benefits of implementing a BS 10012-compliant PIMS from the data protection experts in this free green paper.

Download now

Conducting a Data Flow Mapping Exercise Under the GDPR

Data Flow Mapping Under the GDPR

Receive data flow mapping tips from the GDPR experts, and discover why data flow mapping is so important for GDPR compliance in this free green paper.

Download now

DSP Toolkit – A compliance guide

In response to the increased threat of cyber attacks, healthcare organisations must comply with both the GDPR and the DSP (Data Security and Protection) Toolkit, which superseded the Information Governance Toolkit in April 2018. Download this paper to learn more about the DSP Toolkit.

Download now

EU General Data Protection Regulation – A compliance guide

If your organisation is not fully compliant with the GDPR yet, you should prioritise addressing those areas where a lack of action leaves you exposed. Download this free green paper to understand the key elements of the Regulation, and what you need to do to comply.

Download now

GDPR and PECR – A guide for marketers

This free guide explains what you need to do to ensure your marketing activities are lawful, and how you can save time by addressing all three pieces of legislation - the GDPR (General Data Protection Regulation), DPA (Data Protection Act) 2018 and PECR (Privacy and Electronic Communications Regulations) - together.

Download now

ISO 27701 – Privacy information management systems

ISO/IEC 27701:2019 is the international standard that provides guidelines for privacy information management. Map your path to GDPR and DPA 2018 compliance with this new framework. Download this free paper now to learn more.

Download now

The Data Protection Act 2018 – Understanding the basics

The DPA (Data Protection Act) 2018 is a cornerstone of UK data protection legislation, and will become even more important now the UK has left the EU. Download this free paper for a complete introduction to the DPA 2018.

Download now

 

GDPR Fines Quarterly Report

As the number of fines issued for contraventions of the GDPR continues to grow, it’s essential that organisations take the necessary measures to improve data privacy compliance.

IT Governance can help you identify your weakest security areas and take appropriate action by following our practical recommendations.

Download now

GDPR Implementation Review

IT Governance's implementation review considers how prepared organisations felt they were for the GDPR and what measures they had put in place to meet the requirements of the Regulation.

This review considers the common questions our respondents asked and looks to answer the most common misconceptions.

Download now

GDPR – The Year So Far

Together with the DPA (Data Protection Act) 2018, the introduction of the GDPR heralded a robust data processing regime for the 21st century, promising punishing fines for non-compliance.

One year later, how were organisations faring?

Download now

Implementation challenges and milestones for early adopters of the GDPR

Download our GDPR Report for 2017, which analyses data from more than 250 professionals worldwide, identifying the level of awareness, the measures taken to manage compliance, and the key challenges faced in the GDPR.

Download now

 

7 Steps to Highly Effective GDPR Compliance

This free guide has been designed to take you from where you are on your GDPR compliance journey to where you want to be. Drawing on our first-hand experience helping organisations comply with the Regulation, we outline seven simple yet effective measures to improve your compliance posture.

Download now

Data privacy and protection solutions

Don't risk it. Make your data privacy investment count. IT Governance’s privacy solutions are geared towards making your data privacy investment count.

Find out how we can help you meet your data privacy compliance needs by downloading our privacy brochure.

Download now

The Data Breach Survival Guide

Data breaches happen. How will you respond?

Download this guide to discover what to do when disaster strikes to meet the personal data breach requirements of the ICO (Information Commissioner’s Office).

Download now

No-deal Brexit – A data protection action plan

This short guide summarises what a no-deal Brexit will mean for data protection in the UK and outlines a simple five-step action plan to prepare for no-deal data processing.

Download now

 

9 ways ISO 27001 helps you comply with the GDPR

Download our free infographic to learn more about how ISO 27001 can aid your journey to GDPR compliance.

Download now

EU General Data Protection Regulation (GDPR) in 1 minute

Download our free infographic for a full rundown of the EU GDPR in 1 minute.

Download now

GDPR fines and penalties issued in Europe

Download our free infographic and find out how many fines have been issued, for how much, and which country has issued the most fines since the Regulation took effect in May 2018.

Download now

GDPR data subject access request (DSAR) flowchart

Download our free infographic for more information as to how to process DSARs.

Download now

The role of the DPO

Download our free infographic for a full rundown of the data protection officer's (DPO) role.

Download now

 

On-demand GDPR and privacy webinars

Practical implications of the Schrems II ruling

Presenters:

  • Camilla Winlo, Director of Consulting Services, DQM GRC
  • Preston Bukaty, GDPR Consultant, IT Governance USA

In the wake of complaints from the Austrian privacy activist Max Schrems, who argued that the US government’s mass surveillance practices contradict the protections that the EU–US Privacy Shield was supposed to provide for organisations that make transatlantic personal data transfers, the ECJ (European Court of Justice) ruled that the Privacy Shield is no longer valid.

It also ruled that EU SCCs (standard contractual clauses), also known as model clauses, are valid in principle but not always in practice, depending on the circumstances of those data transfers. This also causes problems for EU-based organisations that intend to transfer personal data to and from the US.

Read more

Q&A and panel discussion: Privacy and compliance challenges organisations face in 2020

With Brexit looming large and COVID-19 creating new challenges and opportunities for privacy professionals, GRCI Law’s data protection experts answer burning privacy questions in this panel discussion and Q&A session as they discuss the key privacy challenges organisations face in 2020.

The panel consists of specialists in data privacy and GDPR compliance who have vast experience managing data subject access requests, data breach reporting, the DPO’s role and responsibilities, EU data transfers, contractual rights and general GDPR/DPA compliance.

Read more

CCPA compliance: What you can do before it’s too late

The date for enforcement of the CCPA (California Consumer Privacy Act) – July 1, 2020 – is approaching fast, which means that organisations found to be in breach of the Act after this date risk fines for non-compliance from California’s regulators. 

In this webinar, Preston Bukaty provides insights into conducting a CCPA gap analysis and the key steps required to comply with the Act.

Discover:

  • How to conduct a gap analysis to identify non-compliance risks;  
  • The role of data mapping in identifying personal information covered by the law; and 
  • Practical steps to demonstrating compliance with the CCPA.

Managing data subject access requests (DSAR) in a timely and cost-effective manner 

Free GDPR webinar download: Closing the gap between CCPA and GDPR

The enforcement of the General Data Protection Regulation (GDPR) in May 2018 eliminated the cost barrier (in most cases) for an individual to submit a data subject access request (DSAR), increasing the burden on organisations to provide their customers with their records in a shorter amount of time at no cost.

Therefore, handling DSARs in line with the GDPR’s requirements and ensuring that there is suitable evidence of processing a request can be a challenge for most organisations.

Read more

Closing the gap between CCPA and GDPR

Free GDPR webinar download: Closing the gap between CCPA and GDPR

Download this IT Governance webinar to get a deeper understanding of how you can align the California Consumer Privacy Act (CCPA) and GDPR compliance requirements.

Read more

Challenges for data protection officers (DPOs)

Free GDPR webinar download: Challenges for DPOs

Learn about the key challenges of Data Protection Officers (DPOs) 

According to the IAPP (International Association of Privacy Professionals), as many as 75,000 new DPOs are now needed globally. However, being a relatively new role, there is a vast shortage of talented candidates and a lack of understanding as to what the role of DPO entails.

Finding the time to adequately execute the tasks and responsibilities could prove challenging. While a DPO must have access to all personal data processes and activities within the organisation, the complexity of the job role can often prove challenging.

Read more

BS 10012: An Introduction

Data protection has never been a more important topic. With the European General Data Protection Regulation (EU GDPR) in full force, it is crucial that organisations can demonstrate their commitment to protecting personal information.

The solution? BS 10012:2017 (BS 10012).

Read more

An Introduction to the Data Protection Act 2018 Part 3 – Law Enforcement Processing

Free GDPR webinar download: An Introduction to the Data Protection Act 2018 Part 3

UK competent authorities processing personal data are required to comply with the DPA (Data Protection Act) 2018, specifically Part 3, which relates to law enforcement processing.

Read more

The GDPR: demonstrating data protection by design and by default

Free GDPR webinar download: demonstrating data protection by design and by default

The GDPR makes data protection by design and by default mandatory and puts significant pressure on organisations to consider GDPR compliance as a business requirement rather than an IT issue. 

Read more

GDPR compliance: getting everyone in the organisation on board

Free GDPR webinar download: GDPR compliance: getting everyone on board

Research shows that despite an increase in employee cyber security awareness, bad habits and irresponsible behaviour persist. To comply with the GDPR, organisations need to create a shift in organisational culture to better support business objectives and tackle bad security habits. Implementing a GDPR-compliant framework involves deploying an effective staff awareness programme. 

Read more

Risk assessments and applying organisational controls for GDPR compliance

Free GDPR webinar download: Risk assessments and applying organisational controls for GDPR compliance

The GDPR requires organisations to take a risk-based approach to data protection.

To comply with the Regulation, organisations need to adjust and implement controls in line with the level of risk to the fundamental rights of data subjects.

Read more

Conducting a data flow mapping exercise under the GDPR

Free GDPR webinar download: Conducting a data flow mapping exercise under the GDPR

An essential step in preparing for GDPR compliance is conducting a data flow audit to identify and map the sources of your organisation’s personal data.

Read more

The GDPR and its requirements for implementing data protection impact assessments (DPIAs)

Free GDPR webinar download: The GDPR and its requirements for implementing DPIAs

Under the GDPR, organisations are required to conduct DPIAs to identify and reduce the data protection risks of a project or a system. 

Read more

GDPR priorities for local government and initiating a compliance programme

Free GDPR webinar download: GDPR priorities for local government

The GDPR imposes a significant number of obligations and responsibilities on data controllers and processors. 

This webinar, presented by IT Governance and its partner Agilisys, sheds light on the GDPR priorities for local government and the steps required to initiate a GDPR compliance programme. 

Read more

The challenges faced by local government in achieving GDPR compliance

Free GDPR webinar download: The challenges faced by local government in achieving GDPR compliance

The GDPR requires public authorities and local councils within the European Union to implement appropriate safeguards, policies and procedures to protect personal data.

Read more

Legal obligations and responsibilities for data processors and controllers under the GDPR

Free GDPR webinar download: Legal obligations and responsibilities for data processors

The GDPR imposes a significant number of obligations and responsibilities on controllers and processors.

Read more

Data protection by design and by default under the GDPR

Free GDPR webinar download: Data protection by design and by default

The GDPR highlights the active role played by the principles of ‘privacy by design’ and ‘privacy by default’ in ensuring that organisations protect data subjects’ rights. 

Read more

The GDPR: The catalyst for customer 360

Free GDPR webinar download: The GDPR: The catalyst for customer 360

Achieving and managing GDPR compliance can be a complex task for organisations that handle a large volume of data. Organisations that aspire to evolve from a traditional business approach to digitally driven processes and operations while managing compliance with the Regulation will need a 360-degree view of their data subjects and have data protection at their core.

Read more

Achieving GDPR compliance in local government

Free GDPR webinar download: Achieving GDPR compliance in local government

The GDPR represents the biggest change to data protection law for more than 20 years and introduces substantial challenges for both public- and private-sector organisations. 

In this webinar, IT Governance and its partner Agilisys will discuss the nine steps that local government and its partners can use to achieve GDPR compliance. 

Read more

The GDPR and NIS Directive: Risk-based security measures and incident notification requirements

Free GDPR webinar download: The GDPR and NIS Directive

Both the GDPR and the NIS Directive (Directive on security of network and information systems) create new requirements for organisations to meet.

Read more

GDPR compliance requirements for Cloud-based applications

Free GDPR webinar download: GDPR compliance requirements for Cloud-based applications

The GDPR applies to all organisations that process EU residents’ personal data. Under the GDPR, businesses that fail to comply with the Regulation and suffer a data breach face fines of up to €20 million or 4% of annual global turnover – whichever is greater. 

Cloud-based application providers recognise that achieving GDPR compliance can be a complex project that demands time, skills and resources. 

Read more

Data flow audit and data mapping for GDPR compliance

Free GDPR webinar download: Data flow audit and data mapping for GDPR compliance

An essential step in preparing for GDPR compliance is conducting a data flow audit to map and identify the sources of your organisation’s personally identifiable information.

Read more

Appointing a data protection officer (DPO) under the GDPR

Free GDPR webinar download: Appointing a DPO under the GDPR

Under the GDPR, some organisations collecting and processing EU residents’ personal data must appoint a DPO (data protection officer). 

Read more

GDPR requirements for Cloud providers

Free GDPR webinar download: GDPR requirements for Cloud providers

The GDPR introduces new requirements for Cloud service providers processing EU residents’ data, whether or not the service provider is based or has operations in the EU.

Read more

Privacy and GDPR: How Cloud computing could be your failing

Free GDPR webinar download: Privacy and GDPR: How Cloud computing could be your failing

The GDPR creates a new set of requirements for Cloud service providers processing EU residents’ data, regardless of whether or not the service provider is based or has operations in the EU.

This webinar is designed to equip individuals involved in GDPR compliance and organisations storing data in the Cloud with an understanding of the Regulation’s requirements.

Read more

Accountability under the GDPR, and what it means for boards and senior management

Free GDPR webinar download: Accountability under the GDPR

The GDPR has major penalties for non-compliance. Boards and senior management are responsible for ensuring their organisation complies with the Regulation’s requirements, and protecting the confidentiality, integrity and availability of EU residents’ personal information.

Read more

Data breaches and the EU GDPR

Free GDPR webinar download: Data breaches and the GDPR

The GDPR introduces tough penalties for data breaches. Fines of up to €20 million or 4% of annual global turnover – whichever is greater – can be enforced, depending on the severity and conditions of the breach. 

Now is the time for organisations to get their data protection practices in order and aligned with the Regulation’s requirements.

Read more

Revising policies and procedures under the EU GDPR

Free GDPR webinar download: Revising policies and procedures under the GDPR

The GDPR superseded the UK’s Data Protection Act 1998. Significant and wide-reaching in scope, it brings a 21st-century approach to data protection. It expands the rights of individuals to control how their personal information is collected and processed, and places a range of new obligations on organisations to be more accountable for data protection.

Read more

EU GDPR and you: requirements for marketing

Free GDPR webinar download: The GDPR and you: requirements for marketing

The GDPR superseded the UK’s Data Protection Act 1998. Significant and wide-reaching in scope, it brings a 21st-century approach to data protection. It expands the rights of individuals to control how their personal information is collected and processed, and places a range of new obligations on organisations to be more accountable for data protection.

Read more

GDPR compliance and information security: reducing data breach risks

Free GDPR webinar download: GDPR compliance and information security: reducing data breach risks

Although many businesses understand the importance of implementing the right procedures to detect, report and investigate a data breach in compliance with the GDPR, not many are aware of the benefits of implementing an ISO 27001-compliant ISMS (information security management system).

Read more

Compliance solutions: How can penetration testing support your GDPR project?

Free GDPR webinar download: Compliance solutions: How can penetration testing support your GDPR project?

Although many organisations are familiar with the concept of penetration testing, they often struggle to understand how to fit it into their overall GDPR compliance project, or even how to get started. It is vital that organisations properly ascertain vulnerabilities and test and apply patches.

Organisations should intensify the implementation of information security controls and technologies, including IT security monitoring, testing and measuring, in compliance with Article 32 of the GDPR.

Read more

GDPR challenges for the healthcare sector and the practical steps to compliance

Free GDPR webinar download: GDPR challenges for the healthcare sector and the practical steps to compliance

With growing cyber threats facing the NHS and other healthcare organisations, and the UK government promising patients secure healthcare services, addressing cyber security must be a priority for all organisations handling patient records and sensitive data.

Read more

How can an ISO 27001-compliant information security management system (ISMS) help law firms achieve GDPR compliance?

Free GDPR webinar download: How can an ISO 27001-compliant ISMS help law firms achieve GDPR compliance?

The legal sector is a popular target for cyber attacks. With such a wealth of confidential information on offer, this is not surprising. According to PwC’s 2017 Law Firms’ Survey, the majority of law firms have experienced a security incident in the past 12 months, with phishing attacks being the most common.

Under the GDPR, law firms must disclose breaches that compromise data subjects’ rights.

Read more

The responsibilities of controllers and processors under the GDPR and how ongoing staff awareness can support compliance

Free GDPR webinar download: The responsibilities of controllers and processors under the GDPR

The GDPR creates a significant number of responsibilities and obligations for controllers and processors. Data controllers must determine the purpose for which data is collected and implement control measures appropriate to the risk to ensure ongoing compliance. Data processors will also be assigned a set of obligations, such as processing data in line with the GDPR’s principles, notifying the data controller and reporting a data breach.

Read more

How to conduct effective Data Protection Impact Assessments (DPIAs) to minimise privacy risks and maintain GDPR compliance

Free GDPR webinar download: How to conduct effective DPIAs

DPIAs are key to processing personal data in line with the requirements of the GDPR. They help organisations make an early evaluation of the impact business processes, product updates and new projects might have on the data subject.

Read more

Responding to a data breach: what you should know

Free GDPR webinar download: Responding to a data breach: what you should know

No organisation can be too prepared for a data breach. Led by Alan Calder, this webinar will provide insight into preparing for and responding effectively to a data breach, helping you limit your liability and ensure optimal compliance with the GDPR. 

Read more
