What a good GDPR review should look like?

Posted · Add Comment

To complement the publishing of an article in the Brentwood Chamber of Commerce newsletter about GDPR reviews we have added a similar item here. GDPR compliance is proven through good documentation, good understanding of the regulation and review processes. Review processes provide the evidence that all is well which in larger organisations commonly includes the […]

Storage and destruction

Storage and Destruction of Personal Information

Posted · Add Comment

Protecting personal information extends to the methods of its storage and destruction. Whether you like it or not, it’s part of the legal framework. You have to work out how to do this in a way that work for you not whether you follow the guidance. So, let’s get the geeky bit out of the […]

Track & Trace

Track & Trace and Protecting Personal Data

Posted · Add Comment

So, who knows their alphabet? These are the guidelines to store information about Track & Trace set out in a nice and easy A to E format. . Ask only for what is necessary.Be transparent with customers. Carefully store the data. Don’t use it for other purposes. Erase it in line with government guidance. Any […]

What is a Data Protection Impact Assessment?

Posted · Add Comment

So, we’re told that certain types of processes and complex processes require a data protection impact assessment. What on earth is that anyway. In short, it’s where a process is likely to result in a high risk to individuals. Thinking about it practically, it is only a way to record the decisions that are made […]

Am I doing Data Protection Right?

Posted · Add Comment

So many times, I get asked am I doing data protection right? The real crunch is, it’s personal. It’s perspective. While the main driver is attitude, there are six questions you need to answer yes to. Do I only collect, and use, the personal data I need to?Do I keep it to a minimum?Am I […]

What internal documents do I need for GDPR?

Posted · Add Comment

The ICO is all about evidence and attitude when it comes to small business. So, this little beauty is to help you understand the internal documents you need for GDPR and why. You need to accept how important it is that any evidence your organisation has to support this is vital. Whether it is on […]

Requesting Data From an Organisation

Posted · Add Comment

The most daunting thing we have to face as individuals is going up against an organisation and requesting your own data from it, especially if it is a large one.  This is one of the main reasons why data protection legislation is in place, to protect the individuals.  The first principle mentioned in any data […]