The Data Protection Blog

June 21, 2018

When a DPIA is necessary – the Irish perspective

Under the GDPR each supervisory authority has to prepare and submit to the European Data Protection Board (EDPB) a list of processing operations that require organisations to conduct Data Privacy Impact Assessments (DPIA).
June 17, 2018

It’s begun. The first GDPR complaints.

So it didn’t take long for Max Schrems to use the GDPR to file his first complaint. For those of you who don’t know Max Schrems, he’s the privacy lawyer who successfully challenged Facebook Ireland to prohibit the transfer of data from Ireland to the US.
May 21, 2018

ICO provides guidance and awareness resources as deadline looms

With the GDPR and the UK data protection law coming into effect in less than 10 days I thought it was important to reflect both on Elisabeth Denham’s recent speech at the IAPP and the Regulatory Action Policy that was released by the Information Commissioner’s Office on May 4.
May 4, 2018

Why businesses should stop complaining about GDPR compliance

Organisations in Europe and beyond are gearing up to become GDPR compliant, but many are doing so begrudgingly when in fact the exercise should be looked at in a positive light. The GDPR provides organisations with an opportunity to develop a new philosophy about data governance. It’s a development that will protect your and my personal information from misuse and abuse.
March 20, 2018

Demonstrate compliance with your records of processing activities report

The GDPR is clear In order to demonstrate compliance with this regulation, the controller and processor should maintain records of processing activities under its responsibility. Each controller and processor should be obliged to cooperate with the supervisory authority and make those records, on request, available to it, so that it might serve for monitoring those processing operations.
March 12, 2018

Yes, the GDPR is a good thing for your business

There’s been a lot of FUD around the GDPR – Fear about what it’s going to cost to become compliant and what it’ll cost you in fines if you don’t, Uncertainty about how it applies to your particular organisation and how to go about becoming compliant, and Doubt about whether, after all this expense and trouble, it’s going to be of any benefit to your business.
March 8, 2018

Webinar: How accountants and ICAEW use our GDPR software?

A GDPR365 presentation for the Institute of Chartered Accountants of England and Wales that showcases how this thorough GDPR compliance management tool assists companies to manage their GDPR compliance programmes.
February 15, 2018

Status of the GDPR across Europe

The GDPR allows for EU member states to make some derogations (changes to how the data privacy law will be enforced) and as we get closer to the May 28 date of initial enforcement these changes are becoming clearer. Let’s look at some of the member states to see what they’re doing.
February 8, 2018

GDPR is a marathon not a sprint

With all the hype about May 25, many organisations are seeing the date as a GDPR deadline. But it’s not. The implementation date is the starting line for ongoing compliance with the EU’s new data privacy regulation. From this date forward, organisations are expected to be able to show they have systems in place that will continue to meet GDPR compliance