What Does a Data Policy Really Need to Have?

Posted · Add Comment

Firstly, what is a data policy?  It is the internal guideline that you will follow when processing data. You do not have to show this policy to anyone outside your organisation, but you should have terms and conditions written and a privacy policy shown on your website (if you have one) available for any interested […]

Data Types in GDPR

Posted · Add Comment

To me, there are two ways of thinking about data.  One is the categorisation by the regulations and the other is the different forms that data is stored in. In GDPR, there are two categories of data named, those being personal data and special category data.  Just to make things nice and simple the Information […]

The Hype About Consent

Posted · Add Comment

Whenever I speak to anyone about the new data protection regulations they always ask, “as long as I have consent it’s all fine right?”   The answer can, in fact, be no. The “legal, fair and transparent2 principle of GDPR requires the identification of the correct reason (or legal basis of processing) for collecting and processing […]

GDPR – The Basics

Posted · 2 Comments

So, what is GDPR all about?  Simply put it is the updated version of data protection regulations that should be applied to the use of personal information.  The difficulty is that there are approximately 120 differences between the Data Protection Act 1998 and the regulation authorised by the Data Protection Act 2018.  The following are […]

Marketing and GDPR

Posted · Add Comment

So, what is all the fuss about marketing with the new UK data protection legislation and why is B2B and B2C contact different?  Big question with a myriad of answers – but here’s my view of some important things to remember.   B2B and B2C B2B (business to business) and B2C (business to customer) are […]

Why is Change Difficult?

Posted · Add Comment

Everyone seems to be saying that change is the new norm, in reality, change is difficult in a business environment.  For example, the hype about the paperless office and how it will revolutionise time management is only partially true in many sectors as physical evidence of agreement, or approval, within a process is required. So […]

GDPR is More that Just Cyber Security

Posted · Add Comment

What businesses get bombarded with, when it comes to data protection is cyber security.  It is true that in our modern digital age having the correct anti-virus software, encryption software and to be up to date with other information in the ISO 27000 range of standards is important.  However, data protection is more than just […]

GDPR for Individuals

Posted · Add Comment

What can individuals expect from organisations that process and store their information under GDPR?  The detail of what is stored varies from organisation to organisation, but general principles apply. It is important to remember that as an individual any documentation (like privacy policies) provided by an organisation has to be written in plain language.  Jargon […]

Why is GDPR Necessary?

Posted · Add Comment

Why couldn’t things stay the same? To put things very bluntly, the prior data protection legislation had numerous holes that had to be filled to stop (or at least try to stop) those less scrupulous exploiting the data of individuals.   To try and explain this simply, the biggest change that the new legislation brings should […]