As individuals we should fear what data breaches can mean to us.  The effect of a data breach ranges from damage to reputation through financial impacts to a complete cloning of identity.  Please be aware that this way of presenting severity is only one view – there are many others – and many other individuals […]

Why should we bother complying with data protection regulations anyway?  This is the question I am asked so much and, while there are some obvious ones, to be honest some of the answers are not what you might expect. Complying regulations can increase your standing, thereby making you a more attractive trading counterpart and save […]

Part of the first principle of GDPR is the ability to identify the legal basis for processing personal data.  This helps to satisfy all three of the elements of the joint principle of being “legal, fair and transparent”.  As has been mentioned in the {} blog, there can be more than one legal process that […]

We have all heard that dreadful message when calling a company “This call is being recorded for training and data quality purposes”.  In truth, normally that’s really only a part of the reason.  The “data quality” part really means that the recording would be used to determine who is right.  Don’t get me wrong, there’s […]

CCTV is generally used in two ways by organisations, a) providing security on their premises for the safety of all that use them and b) to ensure that staff act in a way that matches the terms & conditions and HR policies that an organisation has issued. If, as an organisation, you only want to […]

So, what is it about sharing data that people find so confusing?  If you went to a football match or an athletics meeting would you tell your life story to the person sitting next to you, including where you live, your bank account details, and so on?  Even if you did would you want the […]

Firstly, what is a data policy?  It is the internal guideline that you will follow when processing data. You do not have to show this policy to anyone outside your organisation, but you should have terms and conditions written and a privacy policy shown on your website (if you have one) available for any interested […]

To me, there are two ways of thinking about data.  One is the categorisation by the regulations and the other is the different forms that data is stored in. In GDPR, there are two categories of data named, those being personal data and special category data.  Just to make things nice and simple the Information […]

Whenever I speak to anyone about the new data protection regulations they always ask, “as long as I have consent it’s all fine right?”   The answer can, in fact, be no. The “legal, fair and transparent2 principle of GDPR requires the identification of the correct reason (or legal basis of processing) for collecting and processing […]