GDPR_step 12-go-live-may-25th-2018

Steps to GDPR Compliance: The GDPR is in Force!

Posted · Add Comment

Step 12 – Go Live Today is the day! The 25th May 2018, and the GDPR is finally in force! After 2 years of preparation, including a Brexit hiccup, we have finally reached this milestone. All organisations hopefully are as prepared as they can be, but the GDPR really is a brave new world in respect to […]

GDPR_step 11 - liability

Steps to GDPR Compliance: Liability

Posted · Add Comment

Step 11 – Liability “You are my Everest” – Scaling the heights of GDPR compliance and navigating GDPR fines Introduction One of the first headline-grabbing pieces of news about the GDPR was the new level of fines that a Supervisory Authority could levy in respect to breach of privacy laws – the equivalent of scaling […]

GDPR Compliance Step 9 - Technical and Security Measures

Steps to GDPR Compliance: Security and Technical Measures

Posted · Add Comment

Step 9 – ISO27001: A Data Privacy Odyssey: How to Demonstrate Technical and Security Measures Under the GDPR Introduction Under current privacy laws, only one of the privacy principles applies directly to a data processor, and that is to ensure that adequate security and technical measures are in place.  The GDPR mirrors this obligation on […]

GDPR_step 7

Steps to GDPR Compliance: Data Breach

Posted · Add Comment

Step 7 – Data Breaches “Once more unto the breach….” Why galvanising your troops to deal with data breach is a key part to compliance with the GDPR Introduction to data breaches The GDPR introduces a duty on organisations to report certain data breaches to their supervisory authority (Article 33) and, in some cases, to […]

GDPR_step 6

Steps to GDPR Compliance: Privacy Impact Assessments

Posted · Add Comment

Step 6 – Use Privacy Impact Assessments to Measure the Impact of Data Processing Operations Crash Test Dummy – Why every prudent processor of data should use Privacy Impact Assessments (PIA) We all feel more secure when we get into our cars knowing they are kitted out with multiple safety features developed through testing and […]

GDPR_step 5

Steps to GDPR Compliance: Vendor Management

Posted · Add Comment

Step 5 – Vendor Management Through the GDPR looking glass… “She generally gave herself very good advice, (though she very seldom followed it)” – Why all entities processing data should follow the “very good advice” to “know your Vendor” Introduction In Step 2 of our GDPR blog series, we talked about the importance of data mapping, […]

Steps to GDPR Compliance: Subject Access Rights

Posted · Add Comment

Step 3 – Subject Access Rights “What you looking at?” Will subject access rights become the Vogue under the GDPR? What changes will there be to the current regime? Based on what we know for now, the GDPR subject access request (“SAR”) process will be similar to that under the current regime. The key changes […]