What Skills Do DPOs Need? GDPR Data Protection Officers DPOs require quite a multi-disciplinary skill set. GDPR says they must be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices. They must be able to fulfil the designated tasks. A DPO will require technical skillsets relating …

What Skills Do DPOs Need? GDPR Data Protection Officers Read More »

4 Tasks DPOs Must Perform Under GDPR EU Data protection law mandates that the DPO must fulfil certain obligations and tasks. This includes: Informing and advising the company and staff about their legal obligations. Monitoring the company’s compliance with data protection law and policies, including monitoring how responsibilities are assigned, levels of awareness and training …

4 Tasks DPOs Must Perform Under GDPR Read More »

Do we need a Data Protection Officer (DPO) for GDPR? If you process process personal data in UK or EU, GDPR probably applies and you may need a Data Protection Officer (DPO). When Does GDPR Mandate DPOs? At a high level, this is an obligation for: What does Large Scale mean for DPOs in GDPR? …

Do we need a DPO? GDPR Data Protection Officers Read More »

Cathay Pacific airway fined £0.5m by ICO for cyber-attack Part of the cost of cyber-attacks 4th March 2020 Cathay Pacific airways has been fined £0.5m (the pre-GDPR maximum) by the UK ICO after a server connected to the internet was hacked and malware installed in early 2018 (i.e. before “GDPR-day” on 25th May 2018). 9.4m …

Cathay Pacific airway fined £0.5m by ICO for cyber-attack Read More »

Morrisons found not vicariously liable for data breach Lucky for Morrisons and everyone else 4th April 2020 The UK’s top court has ruled that Morrisons can’t be held liable for a 2014 data leak affecting the personal payroll data of around 100,000 workers. In the first class action of it’s kind, involving 2,000 of the …

Morrisons found not vicariously liable for data breach Read More »

€50k fine part due to DPO assignment Keeping DPOs independent 28th April 2020 The Belgian Data Protection Authority (28/4/20) fined a company €50k, for: Having a DPO that lacked independence (he was also the director of risk, compliance and audit) Failing to adequately engage the DPO in business matters Failing to appropriate risk assess events …

Beligian DPA GDPR EUR 50k fine for DPO lacking independence Read More »

£18bn lawsuit filed against EasyJet after cyber-attack Part of the cost of cyber-attacks 26th May 2020 Law firm PGMBM has issued a £18bn “no-win-no-fee” class action claim in the High Court of London against EasyJet, on behalf of affected customers. It was reported that EasyJet became aware of the cyber-attack in January 2020, with crooks …

200526 GBP18bn lawsuit filed against EasyJet after cyber-attack Read More »

US Privacy Shield invalid – Schrems – GDPR – Data Protection European Court of Justice finds EU – US Privacy Shield invalid 16th July 2020 Max Schrems, an Austrian activist known for campaigns against Facebook for privacy violation, has done it again. The EU-US Privacy Shield, which allowed US companies to register with PrivacyShield.gov, such …

200716 GDPR US EU Privacy Shield Invalidated Read More »

What is ISO 27002:2013? ISO 27001 suppliments ISO 27001 (The Information Security Management System or ISMS) by providing a list of common operational and technical information security controls. ISO 27001 provides the overarching governance or management solution. ISO 27002 focuses on the actual controls. What is in ISO 27003:2013? ISO 27003:2013 includes: Information security policies …

ISO 27002 Information Security Standard Read More »

The UK Data Protection Act We believe the following to be accurate transcription of the legislation, but provide no guarantee about its accuracy or completeness. Links to particularly useful parts: DPA Schedule 1 Data Protection Act2018CHAPTER 12Explanatory Notes have been produced to assist in the understanding of this Act and are available separatelyData Protection Act …

Read The Full UK DPA Legislation Read More »