GDPR Archives - Page 2 of 25 - IT Governance UK Blog

Governments Might Change, but Data Protection Obligations Remain

Luke Irwin 3rd November 2022 GDPR

You might remember that several months and a handful of prime ministers ago, the government proposed an overhaul of data protection law. The efforts stemmed from complaints over the GDPR (General Data Protection Regulation), which was adopted by the UK …

[Continue Reading...]

The benefits of NIS Regulations and the GDPR for Cloud service providers

Luke Irwin 27th July 2021 GDPR, NIS Regulations

The way Cloud service providers in the UK operate has changed dramatically in the past few years, thanks to a pair of regulations that took effect. The first – the EU GDPR (General Data Protection Regulation) – should be familiar …

[Continue Reading...]

The GDPR’s Six Lawful Bases For Processing – With Examples

Neil Ford 21st June 2021 GDPR

Under the GDPR (General Data Protection Regulation), a lawful basis must be documented when organisations process personal data. But what is a lawful basis for processing? Do you always need individuals’ consent to process their data? And what exactly are …

[Continue Reading...]

Compliance Essentials: The Mandatory Documents Required by GDPR

Camden Woollven 10th June 2021 Data Protection, GDPR

The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the …

[Continue Reading...]

How to become a data protection officer

Beth Greenall 9th June 2021 Data Protection, GDPR

The EU GDPR (General Data Protection Regulation) requires certain organisations to appoint a DPO (data protection officer) to comply with the Regulation. However, a shortage of DPOs means many organisations appoint staff to act as DPOs without the proper level of expertise, experience or qualifications. The …

[Continue Reading...]

How to write a GDPR data privacy notice – template example

Chloe Biscoe 20th April 2021 Data Protection, GDPR

Under the General Data Protection Regulation (GDPR), organisations must create a privacy notice explaining to individuals how their personal information is used. But what is a privacy notice, and what should it contain? We explain everything you need to know in …

[Continue Reading...]

Demystifying Data Protection: The 7 Key Stages of the DPIA Process

Camden Woollven 12th April 2021 Data Protection, GDPR

Under the GDPR, DPIAs (data protection impact assessments) are mandatory for data processing that is “likely to result in a high risk to the rights and freedoms of data subjects”. Effectively a type of risk assessment, DPIAs assess how these …

[Continue Reading...]

Organisations received £155 million in GDPR fines in 2020

Luke Irwin 29th March 2021 GDPR

In 2020, organisations received €182 million (about £155 million) in fines for violating the GDPR (General Data Protection Regulation), according to an IT Governance report. Our GDPR Fines Quarterly Report revealed that more than two thirds of that total – …

[Continue Reading...]

Understanding Data Subject Rights Under the GDPR

Luke Irwin 10th March 2021 GDPR

The EU GDPR (General Data Protection Regulation) gives individuals eight rights relating to their personal data. Organisations must let individuals know how they can exercise these rights, and meet requests promptly. Failure to do so is a violation of the GDPR …

[Continue Reading...]

List of free GDPR resources and templates

Luke Irwin 25th February 2021 GDPR

Since the GDPR (General Data Protection Regulation) came into effect in May 2018, organisations have been required to keep a close eye on the way they process and protect EU residents’ personal data. The Regulation is filled with so many …

[Continue Reading...]