In addition to the ICO’s recent enforcement action taken against Doorstep Dispensary, European data protection regulators have been active with some interesting cases that are worth highlighting: In Greece, the Hellenic Data Protection Authority (HDPA) fined an organisation €15,000 for installing and using …
Five Lessons to Learn From the First GDPR Fine
Categories: Breach, Fines, GDPR, Guidance, ICO, Public Information, Security, Transparency, UncategorisedSo we’ve finally entered the brave new world. The first GDPR fine has arrived, just the 571 days since the GDPR came into force(!) Those desperate for the era of loud headlines about massive fines will be disappointed. The initial …
ICO Updates
Categories: Accuracy, Guidance, ICO, Public Information, Security, UncategorisedAs 2019 comes to a close, we would like to share some recent ICO updates with you… ICO Consultations – Subject Access and Artificial Intelligence (AI) The ICO have recently launched consultations on guidance in two key areas of data protection – subject …
Recent GDPR Enforcement Action in Europe
Categories: Consent, Data Sharing, Fines, GDPR, Security, Transparency, UncategorisedOctober and November have seen two significant pieces of GDPR enforcement action in Europe with the supervisory authorities in Germany and Austria both issuing multi-million Euro fines for breaches of the GDPR principles. Germany In Germany, the Berlin Data …
Facial Recognition, Privacy and the GDPR
Categories: Consent, GDPR, Guidance, ICO, SecurityBy Rowenna Fielding Is that a face? Humans are wired to perceive faces – there’s even a name for our tendency to see faces in things that are not people (it’s called ‘pareidolia’), but we have an understanding of context …
Bootcamp For Developers Webinar
Categories: DPIA, Uncategorised, WebinarIn this webinar, we will look at how to embed privacy aware thinking into the planning and design stages of product/website/app development. Join us as we discuss data protection by design and default, where a data protection impact assessment (DPIA) …
How to get the most out of your DPIA process
Categories: Breach, Data Protection Act 2018, Data Sharing, GDPR, Guidance, ICO, Public Information, UncategorisedIf your heart says yes, can your DPIA say it too? We wrote back in March about the common mistakes organisations make with Data Protection Impact Assessments (DPIAs). The importance of DPIAs can be seen in three recent cases. In the True Visions Productions (under the DPA 1998) the lack of DPIAs was seen by the Information Commissioner Office (ICO) as one of …
GDPR: the seven principles to follow
Categories: Breach, Consent, Data Protection Act 2018, GDPR, ICOLeading up to May 2018 there was a lot of coverage of the incoming GDPR Data Protection (DP) legislation. Organisations of all sorts knew that something needed to be done but weren’t always sure what it was. Consequently, as a …
NHS Foundation Trust leaks patient email addresses
Categories: Consent, Data Protection Act 2018, Data Sharing, GDPR, ICOOn the 6th September the Tavistock and Portman Clinic sent out an email inviting just under 2,000 patients to participate in an art competition. Unfortunately for the clinic, all the email addresses leaked, visible to all the recipients. An initial …
ICO amends guidance on time limits for data subject requests
Categories: Data Sharing, GDPR, Guidance, ICOSome slightly strange events at the Information Commissioner’s Office (ICO) recently as they quietly updated their guidance around the GDPR’s time limit of “one month” for responding to data subject requests, which had been in place since before May 2018. …