Camden Woollven Archive
The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the …
Under the GDPR, DPIAs (data protection impact assessments) are mandatory for data processing that is “likely to result in a high risk to the rights and freedoms of data subjects”. Effectively a type of risk assessment, DPIAs assess how these …
Data subject access requests (DSARs) are becoming increasingly common. Failure to respond in accordance with the GDPR (General Data Protection Regulation) can lead to significant penalties and fines. Access requests can be submitted in any format, so it is important …
This blog has been updated to reflect industry updates. Originally published 29 November 2017. As the risk of suffering a data breach continues to increase, information security has become a critical issue for all organisations – especially as the GDPR …
Pseudonymisation and encryption are the only technological measures specifically mentioned in the GDPR (General Data Protection Regulation). But what exactly is meant by ‘pseudonymisation’ and ‘encryption’? Are these measures mandatory? More importantly, how can organisations go about implementing them? Let’s …
Negligent employees are the leading cause of data breaches at small and medium-sized businesses across North America and the UK, according to a recent study from Keeper Security. But what do these incidents really look like on the front line? …
Two thirds of UK organisations are uninsured against the financial impact of a data breach, a survey has revealed. The Risk:Value 2018 Report by NTT Security discovered that only 29% of organisations have dedicated cyber insurance in place, despite 81% of senior executives touting …
1) ISO 27001 aids GDPR compliance: ISO 27001 provides an excellent starting point for meeting the technical and operational requirements of the EU GDPR (General Data Protection Regulation). So, it’s no surprise that nearly half (48%) of respondents cited GDPR compliance …
The breadth of applicability of ISO 27001 can make it difficult for organisations to determine how to apply the Standard effectively and economically. As a result, building an ISMS (information security management system) that meets the requirements of ISO 27001 can be challenging. One solution is to conduct an …
Building an ISMS (information security management system) that meets the requirements of ISO 27001 is a challenging project, and it is often difficult to know where to start. One way to simplify the process is to conduct an ISO 27001 …