fbpx

Download free GDPR compliance checklist!

Tag Archives for " compliance "

Third-party risk under the GDPR

According to recent research by RSA, failure to protect customer data is creating long-term business problems for organizations. That was evident at a packed event in London on Feb. 5, where discussion centered around the fear of being unable to manage the fallout of a data breach involving a third party.

With 69 percent of the 7,500 consumers surveyed from France, Germany, Italy, U.K. and the U.S. saying they have or would “boycott a company that showed a lack of regard for protecting customer data” the concerns are real. Furthermore, 62 percent of consumers would feel inclined to blame the company above anyone else, even the hacker — and certainly not a third contractor — if they lost their personal data.

Source: Three’s a crowd — third-party risk under the GDPR

Singapore firms unprepared for GDPR

An EY study reveals that only 10% of organisations in the city-state are ready to comply with the Europe’s new data protection regime.

With less than three months before the General Data Protection Regulation (GDPR) kicks in, just 10% of organisations in Singapore are ready to comply with the new European Union (EU) law.

Source: Singapore firms unprepared for GDPR

What changes GDPR will bring?

While some tend to portray new European Union (EU) General Data Protection Regulation (“GDPR”) as menacing Apocalypse coming from nowhere, fact is that GDPR is an “upgrade” of existing EU data protection laws. EU Data Protection Directive ( Directive 95/46/EC ) was adopted already in 1995.

GDPR keeps the basic principles of Data Protection Directive and ads new “layer” to it, aiming to unify data protection in all EU countries and bring more rights and control over data use back to individuals. But let’s look what exactly are the changes GDPR brings us.

Source: What changes GDPR will bring? « Data Protection Blog

One third of directors concerned about the cost of GDPR

32% of company directors say their organisation only began preparing for the new General Data Protection Regulation in the last three months.

And 12% of companies just began preparations within the last month for the new regulations, which take effect on May 25.

This is according to a new survey from the Institute of Directors in Ireland.

Source: One third of directors concerned about the cost of GDPR

German DPAs Publish Model GDPR Processing Records

In just under 100 days, the EU General Data Protection Regulation (GDPR) enters into force. One of the major changes the GDPR introduces is a duty for in-scope controllers and processors to maintain written records of their processing activities.

Under Article 30 GDPR, companies will need to inventory all “processing activities under [their] responsibility” and memorialize them in a written record setting forth, inter alia, the purposes of processing operations, international transfers, and retention periods.

Source: German DPAs Publish Model GDPR Processing Records – Translations Provided |

Lead Acquisition at Events, GDPR Style

I am certain that there is likely to be nobody reading this blog who has never been to a trade fair or industry event. Huge gatherings of like-minded individuals, peers or even just the curious jostle past one another, between extravagant stands paid for vendors promoting their wares.

The cost of such events is justified by the lead data which is acquired en masse via business card exchange and the scanning of visitor name badges, something sales teams hope to capitalise on later down the line. All that personal data and a well known European data protection regulation are sure to cross paths in dramatic style, post May 2018.

Source: Lead Acquisition at Events, GDPR Style

Irish businesses urged to act now with personal data audits for GDPR compliance

Recent survey of 350 Irish businesses found that less than half – just 48% – believe they are prepared for the GDPR. but there is still time for businesses to ensure that they will be compliant with the General Data Protection Regulation (GDPR) before the new rules begin to apply on 25 May.

Personal data audits are an important first step that businesses should take so that they can use their personal data in a way which will comply with new EU data protection laws, an expert in technology and privacy matters has said.

Source: GDPR: Irish businesses urged to act now with personal data audits

GDPR: Regulatory compliance is just the beginning

We have just a few months until the GDPR hits. The road map has now become a very short sprint.

TechRepublic met with Joel Benavides, managing director of global legal services at Box, to discuss where the enterprise is now, are they prepared, and if not, what they can do. He explains the policies enterprise companies can anticipate with cloud data management after the GDPR.

Source: GDPR: Regulatory compliance is just the beginning – TechRepublic

GDPR: Two thirds of organisations aren’t prepared for the ‘right to be forgotten’

With new EU data protection legislation just weeks away, a large number of organisations risk fines by being non-compliant.

People across Europe are set to gain additional control over their personal information from new legislation, but with just under three months until it comes into force, two thirds of organisations aren’t prepared for the General Data Protection Regulation (GDPR) ‘right to be forgotten’.

The European Union-led data protection reforms officially come into force from May 25 2018 and aims to simplify the regulatory environment around data to help consumers and businesses in the digital economy.

Source: GDPR: Two thirds of organisations aren’t prepared for the ‘right to be forgotten’ | ZDNet

What the GDPR will mean for companies tracking location

The tracking of people’s location is becoming an increasingly useful tool for many businesses, whether they want to use it to connect customers with their special offers, monitor footfall, or provide other location-based services.

However, a snag is coming in the shape of the EU’s General Data Protection Regulation, which introduces much tougher rules around the collection and use of personal data. And location data can most certainly qualify as personal data, anytime it relates to an identifiable individual.

Source: What the GDPR will mean for companies tracking location

1 50 51 52 53 54 63
>