Tag Archives for " ICO "

Highest reported breaches ever according to ICO annual report

UK’s Information Commissioner’s Office (ICO) has recently released its annual report for 2017 – 2018. One of the most obvious impacts of GDPR revieled by the report is the number of breaches reported to the ICO. In 2016-17 2,565 breaches were reported, and 3,311 breaches reported in 2017-18. The annual report covers the period to 31 March 2018 (i.e. before GDPR came into effect) which makes the jump striking.

Source: Highest reported breaches ever according to ICO annual report

Breach reporting: lessons learned

Amongst the most immediate and visible impacts of the GDPR is the requirement to report data breaches to the Information Commissioner’s Office (“ICO”), which came into force on 25 May 2018. Now that this requirement has had some time to bed in, what can we learn from how both data controllers and the ICO have implemented it over the past couple of months?

Read article: Breach reporting: lessons learned

ICO receives record number of breach notifications

In UK the number of self-reported data breaches has increased by 29% from 2,447 last year to 3,156 this year. Under the GDPR, organisations are obliged to report serious data breaches to the data protection authority (ICO in UK). In June, after the GDPR had entered into force, the ICO received 1,700 notifications which is a sharp increase compared with previous levels (around 360-390 breach notifications per month).

Source: ICO receives record number of breach notifications – Privacy Laws & Business

ICO publishes guide on children’s privacy and the GDPR

The guidance published by UK’s Information Commissioner’s Office focuses on the additional, child specific considerations of privacy. This guidance will help you understand the child specific considerations you need to think about when deciding on your lawful basis for processing a child’s personal data. It also explains what you need to include in your privacy notices, and what rights children have under the GDPR.

Source: Children and the GDPR | ICO

UK Privacy Regulator Open to Self-Certification under GDPR

Organizations in Europe may eventually be able to self-certify that they are compliant with the EU’s General Data Protection Regulation, an official at the U.K.’s independent privacy watchdog said. But at the moment there is no such thing as GDPR certification; there is only compliance that you can work toward.

Source: GDPR: UK Privacy Regulator Open to Self-Certification

GDPR offers tech providers an opportunity to develop compliance tools

There is an opportunity for technology providers to develop new tools to help businesses comply with their legal obligations under the General Data Protection Regulation (GDPR).

The good news for technology companies considering new data protection compliance tools is that a new regulatory sandbox for digital innovations is to be established by the UK’s data protection watchdog, the Information Commissioner’s Office (ICO).

Source: GDPR offers tech providers an opportunity to develop compliance tools

ICO publishes finalised guidance on consent under the GDPR

Businesses that rely on consent to process personal data under the new General Data Protection Regulation (GDPR) will have an opportunity to build customer trust and obtain a competitive advantage, but will face additional compliance burdens, according to the Information Commissioner’s Office (ICO).

Source: ICO publishes finalised guidance on consent under the GDPR

ICO launches consultation on stronger regulatory action and continues with its micro-targeting investigation

UK’s Information Commissioner today launched a consultation on stronger powers which are written into the Data Protection Bill currently going through Parliament.

The Report stage in the House of Commons was scheduled for 9th May. Proposed new powers include no-notice inspections, compelling people and organisations to hand over information and making it a criminal offence to destroy, falsify or conceal evidence. The ICO’s ability to use many of its powers, including going to court to request a warrant to search a premises, is based on the UK’s domestic legislation, not the GDPR.

Source: ICO launches consultation on stronger regulatory action and continues with its micro-targeting investigation – Privacy Laws & Business

1 2 3 9
>