What is a Data Breach Anyway?

Posted · Add Comment

As individuals we should fear what data breaches can mean to us.  The effect of a data breach ranges from damage to reputation through financial impacts to a complete cloning of identity.  Please be aware that this way of presenting severity is only one view – there are many others – and many other individuals […]

Why Bother complying with Data Protection Regulations?

Posted · Add Comment

Why should we bother complying with data protection regulations anyway?  This is the question I am asked so much and, while there are some obvious ones, to be honest some of the answers are not what you might expect. Complying regulations can increase your standing, thereby making you a more attractive trading counterpart and save […]

Legal basis for Processing

Posted · Add Comment

Part of the first principle of GDPR is the ability to identify the legal basis for processing personal data.  This helps to satisfy all three of the elements of the joint principle of being “legal, fair and transparent”.  As has been mentioned in the {} blog, there can be more than one legal process that […]

Recorded (or voice) data and GDPR

Posted · Add Comment

We have all heard that dreadful message when calling a company “This call is being recorded for training and data quality purposes”.  In truth, normally that’s really only a part of the reason.  The “data quality” part really means that, if we get into a dispute we will call up the recording and use it […]

The use of CCTV by Organisations

Posted · Add Comment

CCTV is generally used in two ways by organisations, a) providing security on their premises for the safety of all that use them and b) to ensure that staff act in a way that matches the terms & conditions and HR policies that an organisation has issued. If, as an organisation, you only want to […]

Sharing Data – What’s the Story?

Posted · Add Comment

So, what is it about sharing data that people find so confusing?  If you went to a football match or an athletics meeting would you tell your life story to the person sitting next to you, including where you live, your bank account details, and so on?  Even if you did would you want the […]

What Does a Data Policy Really Need to Have?

Posted · Add Comment

Firstly, what is a data policy?  It is the internal guideline that you will follow when processing data. You do not have to show this policy to anyone outside your organisation, but you should have terms and conditions written and a privacy policy shown on your website (if you have one) available for any interested […]

Data Types in GDPR

Posted · Add Comment

To me, there are two ways of thinking about data.  One is the categorisation by the regulations and the other is the different forms that data is stored in. In GDPR, there are two categories of data named, those being personal data and special category data.  Just to make things nice and simple the Information […]

The Hype About Consent

Posted · Add Comment

Whenever I speak to anyone about the new data protection regulations they always ask, “as long as I have consent it’s all fine right?”   The answer can, in fact, be no. The “legal, fair and transparent2 principle of GDPR requires the identification of the correct reason (or legal basis of processing) for collecting and processing […]

GDPR – The Basics

Posted · 2 Comments

So, what is GDPR all about?  Simply put it is the updated version of data protection regulations that should be applied to the use of personal information.  The difficulty is that there are approximately 120 differences between the Data Protection Act 1998 and the regulation authorised by the Data Protection Act 2018.  The following are […]