How To Conduct A GDPR Policy and Privacy Information Review
Posted on Oct 12, 2021
It may come as a surprise, but achieving compliance with the UK general data protection regulation (GDPR) isn't helped by implementing boilerplate policy documentation. Instead, it requires appropriate procedures and notifications that reflect how your organisation approaches specific compliance issues.
» Read More
Establishing A Lawful Reason For Processing Personal Data
Posted on Sep 23, 2021
Over several articles, we've been writing about different tips for implementing GDPR. In the series, we're focussing on how to conduct a GDPR audit. This is an activity all organisations should be familiar with, not just at the outset but in an ongoing capacity in the drive for optimum data compliance. In our last article we looked at data mapping and discovering what personal data your organisation holds, why it's retained, along with where and how it's being stored.
» Read More
What Is A GDPR Audit? Step One Data Mapping
Posted on Sep 09, 2021
In a recent article, we discussed how to create an organisational structure for a GDPR compliance programme which includes establishing reporting lines, appointing a Data Protection Officer (if required), and setting a data protection and privacy compliance budget. The next task is to examine how existing data processing operations match up against UK GDPR and Data Protection Act 2018 compliance requirements.
» Read More
How To Write Your Privacy Notice To Win Customers & Influence People
Posted on Aug 09, 2021
What if there is a way to present your privacy information so that it supports customer acquisition. Would that be valuable to your business? Believe it or not, this is precisely what the GDPR mandates. Alright, perhaps it doesn't state those aims exactly, but following its provisions to the letter will increase customer trust and loyalty, which in turn will drive sales growth. In this article, we explain how to transform your generic privacy notice into a reputation-enhancing transparency tool.
» Read More
GDPR Leadership & Oversight
Posted on Jul 22, 2021
Leadership and oversight provide the foundation for accountability and are essential for effective GDPR compliance. While staff are required to perform certain privacy tasks, organisations must determine the right compliance structure, including whether to appoint a DPO, allocate a budget, and designate the necessary resources to meet their data protection obligations. This article looks at what organisations must do to provide strong leadership and highlights relevant data from a global privacy management survey.
» Read More
An Overview Of The GDPR
Posted on Jul 09, 2021
Having celebrated its third (European) anniversary earlier this year in May, it's easy to assume all businesses are fully up to speed when it comes to GDPR compliance. Of course, we know this isn't entirely the case. So, in this article, we present a high-level examination of the GDPR, who it applies to, its principles, the rights it provides to data subjects, and the legal basis for processing personal data.
» Read More
How The GDPR Affects Businesses
Posted on Jun 24, 2021
The GDPR has significantly impacted business operations since it came into force. Organisations have a clearer understanding of what personal data they hold, how it is used, and who has access to it. Privacy management has become a core function led by a dedicated DPO who reports to the board and whose role is to monitor compliance. Here, we've outlined several areas where the GDPR impacts businesses and classified them into four areas: responsibilities, penalties, reputation, and opportunities.
» Read More
Three Things To Consider When Creating A Data Governance Plan
Posted on Jun 15, 2021
A data governance plan is a collection of policies, procedures, and responsibilities that support the quality and security of data collected, used and held throughout the business. In contrast to the privacy management programme, business goals dictate what and how data is regulated in order to achieve your organisation's commercial ambitions. In this article, we address the three key steps for creating a DGP.
» Read More
Investing In The Right Privacy Technology For Your Organisation
Posted on May 28, 2021
While a robust privacy framework helps ensure you have the right policies and procedures in place, your organisation will make a significant step forward in its compliance programme effectiveness when it invests in the best privacy technology. Here, we take a look at the different types of privacy technology available and how to choose the right solutions for your business needs.
» Read More
The Best Practices For Privacy Management
Posted on May 14, 2021
The law is clear on the responsibilities of organisations that collect and process personal data. Statistics reveal that a costly data breach is almost inevitable. It's a question of when not if. This article, looks at the steps required to implement a robust privacy programme, including establishing an effective framework to provide a basic structure and offer guidance on how to integrate applicable compliance requirements.
» Read More