Dixons Carphone Warehouse get maximum ICO fine and potential PCI Fines So DSG or colloquially Dixons Carphone Warehouse has managed to avoid a hefty fine from the Information Commissioner. Apparently, the assessment was against the old Data Protection Act 1998 rather than the more punitive GDPR. Much of the issue was related to PCI DSS […]
Something for Nothing It’s not often that you get something for nothing. Not from consultancies at least I hear you say. And you would be right, but consultants need to eat too. This something for nothing isn’t really ours to give away but it might just save you some money, or better a fine or […]
Do I need an EEA Representative? One of the most overlooked areas of the General Data Protection Regulation seems to be that of EEA Representation. If you are a non-EU business and don’t know what we are talking about then we prove point.
Or any other personal data breach for that matter. The very recent £183 million fine imposed on British Airways for their data breach has brought to light an issue with the GDPR and how to go about enforcing it.
In this post we discuss whether the 13 months old GDPR regulation is proving more difficult to police that the old Data Protection ACT 1998. The DPA 1998 is now quite old and for the eagle eyed is also obsolete, but the fines and enforcement notices were steady. Roughly speaking, we would say that there were […]
GDPR may not exactly be a hot topic for most, indeed it’s take up so far had been sketchy with many organisations doing little or nothing, and businesses that have embraced GDPR often getting it wrong or failing to address the most critical areas. When will GDPR become a regulation that businesses feel they must […]
Do you consider your business to be ethical, upstanding and law abiding? Do your policies talk about employee respect, standards and behaviour, social media rules, drugs and alcohol? Does your business abide by industry standard for health and safety, distance selling, kite marks, ISO standards, even PCI? Most businesses will recognise and uphold many of […]
How GDPR compares to California CCPA First, we had Safe Harbour and the EU Data Directive, now we have GDPR and Privacy Shield, so who is the new guy on the block? The US or at least a large part of it is catching up, GDPR came into full force on the 25th May 2018 […]
Email my passport for a GDPR SAR? In a cruel twist of fate and for some an inevitable irony, the GDPR might just be responsible for the unnecessary proliferation of highly sensitive documents by insecure means. Thousands of organisations in the UK and Europe (at least those who give a hoot) have set out their […]
Marking your own homework is all very well but who carries the can if you get it wrong. Forward thinking organisations have completed some of their GDPR work or in some cases are nearly finished. Some of these companies increasingly looking for someone to check what they have done, give a second opinion, and sign […]