GDPR Subject Access Request

Steps to GDPR Compliance: Subject Access Rights

Posted · Add Comment

“What you looking at?” Will subject access rights become the Vogue under the GDPR? What changes will there be to the current regime? Based on what we know for now, the GDPR subject access request (“SAR”) process will be similar to that under the current regime. The key changes taking effect from May 2018 are: […]

GDPR Data Mapping

Steps to GDPR Compliance: Data Mapping

Posted · Add Comment

Data mapping Step 2 – Follow the yellow brick road Why data map Data mapping should be a key element in any organisation’s compliance strategy, including any pre-employment screening policy. The prospective employer (data controller) can face questions from its candidate base about where their personal data is being sent and how it is used. […]

Privacy S.H.I.E.L.D…the latest summer blockbuster

Posted · Add Comment

It has taken two years but on 12 July 2016 the EU Commission finally adopted the adequacy decision on the Privacy Shield, and from 1 August 2016 entities will be able to certify with the US Department of Commerce. From a strategic perspective US companies (or EU companies doing business in the US) will be […]

Russian Regulator publishes Data Localisation clarifications: one month to go…

Posted · Add Comment

The long requested guidance to interpreting the Russian Data Localisation laws have now been released by the Ministry of Communications, just one month before the new law comes into force, which requires that organisations that collect personal data from individuals in Russia store that data within Russian territory. The guidance is non-binding, but these are […]