GDPR Article 32 a Reasonable and Pragmatic Approach

The GDPR  can be seen as a  complex and far reaching piece of legislation. One area where data privacy professionals may have a better understanding  is Article 32-Security of Processing.  GDPR does not downplay security at all, but rather, the language of Article 32...

GDPR Do I Need To Appoint an EU Representative

Art. 27 GDPR Representatives of controllers or processors not established in the Union   Your Questions Answered      Which companies need an EU representative under the GDPR?     Companies that do not have an presence / legal entity  in the...

What is a Data Protection Officer (DPO)

DPO is an acronym for Data Protection Officer. which is a key appointment within your organisation.  A DPO is a person who is given formal responsibility for data protection compliance within an organisation reporting into the CEO.  Under the EU’s General Data...

Ensuring GDPR Compliance When a Subject Sends an Access Request

One of the many significant changes brought about by GDPR was the data subject’s greater right of access to personal information. And that is far-reaching. The data controller must fulfil a data subject access request (DSAR) within a month to comply with GDPR. So, the...

Data Breach Root Causes

Data users, specifically employees, expose organisational data systems to hackers by making simple mistakes that can easily be avoided. Here are many of the most common data breach causes.

GDPR Compliance: Performing a Gap Analysis Your Choices

GDPR Compliance: Performing a Gap Analysis Your Choices   GDPR compliance is no small matter for any company, but the way you go about it makes all the difference. With the right tools at your disposal, it can be manageable. A GDPR gap analysis shows you where...

Achieving GDPR Compliance for Non- EU Organisations Explained

GDPR is a Challenge for any International Organisation   As  25th May 2018 was coming to a close  the EDPB (European Data Protection Board) published It’s Guidance  on the GDPR Article 3 (territorial scope) The  main objective was  to clarify when the GDPR...