GDPR_step 2

Steps to GDPR Compliance: Data Mapping

Posted · Add Comment

Step 2 – Data Mapping Follow the yellow brick road Why data map Data mapping should be a key element in any organisation’s compliance strategy, including any pre-employment screening policy. The prospective employer (data controller) can face questions from its candidate base about where their personal data is being sent and how it is used. […]

Privacy S.H.I.E.L.D…the latest summer blockbuster

Posted · Add Comment

It has taken two years but on 12 July 2016 the EU Commission finally adopted the adequacy decision on the Privacy Shield, and from 1 August 2016 entities will be able to certify with the US Department of Commerce. From a strategic perspective US companies (or EU companies doing business in the US) will be […]

EU Data Privacy Reform Update: Make Mine A Skinny To Go…

Posted · Add Comment

“…simplicity and flexibility are key…” if the new EU Regulation is to work as a long term framework for the protection of privacy rights, according to the European Data Protection Supervisor (EDPS). The EDPS strongly advocates a simple and clear text to enable controllers to easily understand their obligations, and its’ proposed text is 30% […]

EU General Data Protection Regulation: one small step for privacy, or a giant leap?

Posted · Add Comment

In our blog post of 16 January 2015 HireRight reported on the progress of the EU data privacy reforms.  Excitingly, the Council of the European Union (“Council”) met their self-declared deadline of agreeing a general approach on the General Data Protection Regulation (“Regulation”) and announced on 15 June 2015 that “we have moved a great […]

Bulletin: Legal & Compliance – Singapore: how to notify individuals of the purposes of collection, use and disclosure of personal data

Posted · Add Comment

Since the Personal Data Protection Act 2012 (“PDPA”) came into force the principle of “notification” of individuals has been enshrined in the law.  However, the PDPA remained silent on how an organisation should achieve compliance. On September 11 2014 the Personal Data Protection Commission (“PDPC”) issued a “Guide to Notification” for organisations to follow in […]

Bulletin: Legal & Compliance – EU Data Privacy Reforms

Posted · Add Comment

EU Data Privacy Reforms:  the road to reform, are we nearly there yet? Whilst officially aiming for an end of 2015 implementation date, a recent paper by German Green lawmaker Jan Philipp Albrecht hints that this date may slip to 2016. Albrecht notes that progress is being slowed by an apparent stalemate amongst EU Member […]

Changes to Data Transfer Agreements – Legal Update

Posted · Add Comment

One of the ways European companies have until now shared personal data with the US has been called into question by a new ruling. The Court of Justice of the European Union has declared the much-used Safe Harbor framework is not a valid way to legitimately transfer personal data between the two continents. The impact […]