GDPR (General Data Protection Regulation) officially came into force across the European Union on 25th May2018, with the aim of updating laws and obligations around personal data and ensuring they are fit for the digital age. Organisations had plenty of warning and years to prepare for GDPR. However, many appeared to end up in a …
The latest changes to General Data Protection Regulation, or GDPR, states that organisations must report any breach withinthree days of its occurrence. In the case of British Airways, it took them just 24 hours to report that they had been victims of a cyber-security breach between the 21st of August and the 5th of September. …
The privacy enhancing techniques of ‘anonymisation’ or ‘pseudonymisation’ of data are recognised by the GDPR and candiminish some of the more onerous provisions of the regulations. Preventing or reducing the likelihood that personal data can be tracked back to the original owner can allow companies to use such information freely, or at least under different …
A saying, especially appropriate for GDPR, states that “there is no privacy without security” (not necessarily vice versa). Technical security measures are mentioned several times throughout the GDPR text. The GDPR does not, however, specify any particular security technology as mandatory although a some methods are suggested as optional solutions in some cases. The choice of …
Most people in the Information Security/Data Governance world at the moment are consumed with thenew General Data ProtectionRegulations (GDPR) which come into force on May 25th, 2018. The changes it brings are significant and will have an impact on every UK citizen. This article is not going to explain the multitude of changes or cringe …
The GDPR requires that “Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures …
Next year (2018) on the May 25th, the General Data Protection Regulation (GDPR) will go into effect. Your company, and every other company around the world should, by now, have a good idea of how it will affect your business. If you don’t know or think that it doesn’t affect you because you’re not a …