The UKs #1 Data Protection Consultancy

Data Protection & Information Security Experts

Data Protection Made Easy.

GDPR Support Cyber Security Support

Accelerate Your Data Protection Compliance

Save Time, Save Money and Relax: You’re In Safe Hands

Discover the comprehensive range of data protection services at Data Protection People. Tailored to meet the unique needs of your organisation, our expert team has successfully handled every challenge imaginable. Whether you’re navigating compliance complexities or enhancing data security, trust DPP to be your partner in safeguarding information.

GDPR Training

Data Protection People have a wide range of training services catering for every need. Whether its general training for operational or admin staff or specific training for specialist roles, we have something for you. watch the short video below to meet the team and find out more about our training services.

Contact Us

Information Management Software

DataWise is the original privacy tech platform designed to simplify GDPR compliance management. Since its inception in 2011, DataWise has continuously evolved, solidifying its reputation as the pioneering "privacy tech" solution.

Contact Us

Data Protection Consultancy

Unlock Compliance Excellence with Our GDPR Consultancy Services. Navigating the intricate realm of data protection laws and standards demands expert guidance.

Contact Us

Outsourced DPO

A data protection officer doesn't have to be a full time employee and in many respects it's better to have a company like DPP take on the role. Watch the video below to find out more about our outsourced DPO and privacy officer services or reach out and get in touch with us.

Contact Us
View All
Join our extensive list of clients who have their data privacy under control

Need Help With Cyber Security Compliance?

We Have You Covered!

At Data Protection People, our cyber security services are designed to fortify your digital defences. With a proven track record spanning diverse sectors in the UK, our seasoned team brings a wealth of experience in handling a wide array of cybersecurity challenges. Reach out to us and explore how DPP can enhance your organisation’s cyber resilience.

ISO 27001

Our tailored program, guided by industry-certified experts, supports your ISO 27001 compliance journey. Whether you need advice on certification scope, assistance with remediation work, or comprehensive ISO 27001 consultancy, we’re here to guide you every step of the way.

Contact Us

PCI DSS

A PCI assessment is an audit for validating compliance with the Payment Card Industry Data Security Standard (PCI DSS), a set of security standards for merchants who accept, process, store or transmit credit card information.

Contact Us

Cyber Security Support

Secure your organisation with Data Protection People's Cyber Security Support. Our expert team ensures cybersecurity excellence, offering tailored support for ISO27001, PCI DSS, Cyber Maturity, Cyber Essentials Plus, and more.

Contact Us

Cyber Security Consultancy

Our Cyber Security Consultancy services offer a robust framework to safeguard your digital assets. With a team of Certified Information Systems Security Professionals (CISSPs) and a unique blend of industry-specific expertise, we stand as a leading authority in cyber security consultancy.

Contact Us
View All

Supporting DPOs

Flexible Support When You Need It

At Data Protection People, we recognise the dynamic challenges and unique responsibilities of the Data Protection Officer (DPO) role. Beyond offering standard support, we provide a comprehensive suite of services crafted to empower DPOs at every step.

Collaborative Community: Navigating the intricate landscape of data protection can be isolating. That’s why we’ve fostered a collaborative community of privacy professionals. As a DPO with us, you’re never alone. Our network serves as a forum for insightful discussions, sharing solutions, and building a sense of camaraderie.

Expert Guidance and Advice: The journey of a DPO is often filled with complex decisions. Our seasoned team of experts is your reliable resource, offering timely advice and strategic guidance. We’re not just a service provider; we’re your dedicated partners in overcoming challenges and making informed decisions.

Advanced Training for Continuous Growth: Stay ahead in your role with our advanced training programs. Tailored for DPOs, our courses delve into intricate aspects of data protection, providing you with a competitive edge. It’s not just about meeting the present challenges but ensuring your continuous growth and excellence in your role.

Audits, Assessments, and Document Reviews: Our services extend beyond conventional boundaries. From comprehensive audits and assessments to meticulous document reviews, we ensure that your data protection strategies are not only compliant but also optimised for efficiency.

Simplifying Complexity for Future Ease: Beyond addressing current challenges, our mission is to simplify the complexities inherent in data protection. By partnering with Data Protection People, you’re not just solving problems – you’re ensuring a smoother, more efficient role in the future. We streamline processes, making your responsibilities more manageable and your decisions more impactful.

Diverse Sector Experience

Access to a Team of Industry Experts

At Data Protection People, our expertise spans across diverse sectors, ensuring that businesses of all sizes and orientations receive tailored Data Protection and Cyber Security solutions. From the dynamic commercial sector and agile SMEs to the impactful third sector and expansive multi-nationals, we extend our services to fortify the digital defences of every business entity.

Commercial Sector

Elevate your data protection and cybersecurity standards in the bustling landscape of the Commercial Sector. We offer tailored solutions designed to safeguard your sensitive information, ensuring compliance and resilience against evolving threats. Partner with us to fortify your digital assets and foster a secure environment for sustained growth.

SMEs

Small and Medium Enterprises (SMEs) form the backbone of innovation. Our data protection and cybersecurity services are crafted to match the agility of SMEs. Navigate the digital landscape securely, optimize your operations, and scale confidently with our tailored solutions that prioritize your unique business needs.

Third Sector

Third Sector

For organisations in the Third Sector driven by purpose, our data protection and cybersecurity expertise align with your mission. Safeguard sensitive data, build stakeholder trust, and amplify your positive impact. Let our solutions be the backbone of your technology infrastructure, ensuring that your focus remains on making a difference.

Multi Nationals

For the global footprint of Multi Nationals, our data protection and cybersecurity services provide a comprehensive shield. Navigate the complexities of international regulations with confidence. From compliance strategies to threat intelligence, we've got your data security needs covered, empowering your multinational endeavors with resilience.

Public Sector

In the Public Sector, trust and accountability are paramount. Our data protection and cybersecurity consultancy ensures that your operations align seamlessly with regulatory requirements. From confidential citizen data to streamlined governance, our solutions empower public entities to serve with integrity and technological excellence.

Why Use Our Outsourced DPO Services?

Save Time, Money and Guarantee Compliance

Navigating the intricate landscape of data protection demands more than just a DPO — it requires a dedicated team committed to excellence. Our Outsourced DPO Services extend beyond the traditional role, offering a comprehensive approach to legal compliance and pragmatic solutions.

Why Choose Outsourcing?

An outsourced DPO brings a wealth of experience, not just in the law but also in crafting workable solutions. Their impartiality is fortified by a team of privacy practitioners, ensuring that your organization benefits from a spectrum of expertise. Should the need arise, seamless coverage during absences is guaranteed, eliminating the vulnerability associated with a single in-house DPO.

Staying Headache-Free

Concerned about the disruption if your DPO moves on? With an outsourced model, transitions are smooth, and you won’t experience the sudden headache of a critical role vacancy. The continuity provided by a team ensures that your data protection responsibilities are seamlessly handled.

Compliance Tailored to You

Our Outsourced DPO Services align seamlessly with your legal obligations, whether you’re mandated to appoint a DPO or choose to do so voluntarily. We understand that compliance is not just about ticking boxes but about ensuring a robust, practical approach to data protection. Choose Data Protection People for a worry-free, compliance-driven outsourced DPO solution — because your data protection journey should be as smooth as it is secure.

“I cant recommend Data Protection People enough, they have helped me in so many different areas, no matter how complex the challenge or how large the obstacle, DPP always has the answer.

I can call the team at any time and have built an amazing relationship with them, in times of frustration they are here to calm me down and create a plan, they are a pleasure to work with.”

Mark Leete
Eastlight Community Homes

Data Protection People Blogs & Podcasts

Data Privacy Learning & Guidance

Data Protection People have the UK’s #1 Data Protection Podcast with over 150 episodes available across all audio streaming platforms, we also post regular content designed to simplify complex areas of data protection and cyber security, check out some of the podcasts and articles below and make data protection easy today.

How to Successfully Communicate Between Privacy and IT Teams

Data protection regulations like the UK GDPR and CCPA are constantly evolving, placing immense pressure on organisations to ensure compliance. But achieving a robust data security posture isn’t solely the responsibility of the legal or compliance teams. In today’s data-driven world, engineers play a pivotal role in safeguarding sensitive information. This blog explores how to successfully communicate between privacy and IT Teams.

Engineering: The Backbone of Data Security

Modern applications and systems collect, store, and process vast amounts of data. Engineers are the architects behind these systems, and their decisions directly impact data security. By working collaboratively with engineers from the get-go, data protection teams can:

  • Embed security by design: Integrate data protection principles into the development lifecycle, minimising vulnerabilities from the start.
  • Implement robust access controls: Engineers can build systems that restrict access to sensitive data based on the principle of least privilege.
  • Automate data security tasks: Leverage automation for encryption, data anonymisation, and audit trails, freeing up resources for more strategic initiatives.

Communicating Privacy Concerns: Speaking the Engineer’s Language

Effective communication is paramount when addressing privacy concerns with engineers. Here are some strategies that resonate with a technical audience:

  • Focus on impact, not just regulations: Explain how data breaches can compromise user trust and disrupt operations, not just incur fines.
  • Provide clear technical guidance: Offer practical solutions and best practices for secure coding, data storage, and access management.
  • Use real-world examples: Illustrate the consequences of data breaches with relevant case studies.

Avoiding Common Pitfalls: Building a Strong Foundation

Several hurdles can impede successful collaboration between data protection and engineering teams. Here’s how to overcome them:

  • Lack of awareness: Organise training sessions to educate engineers on data protection principles and their role in achieving compliance.
  • Siloed teams: Break down communication barriers by fostering regular interaction through workshops, code reviews, and joint project teams.
  • Friction between security and functionality: Find the right balance between data security and user experience. Involve engineers early in the design process to ensure robust security doesn’t hinder functionality excessively.

Building a Collaborative Future

By fostering positive working relationships, data protection and engineering teams can achieve a shared goal: robust data security. Here are some tips:

  • Promote open communication: Encourage engineers to raise concerns and propose solutions without fear of reprimand.
  • Recognise and reward contributions: Acknowledge the efforts of engineers who champion data security practices.
  • Celebrate successes: Highlight successful data protection initiatives to boost team morale and commitment.

Taking Data Protection to the Next Level

Our data protection services can empower your organisation to achieve seamless collaboration between your engineering and data protection teams. We offer comprehensive solutions, including:

  • Data protection impact assessments (DPIAs): Identify and mitigate risks associated with data processing activities.
  • Data security awareness training for engineers, tailored to your specific needs.
  • Development of data protection policies and procedures aligned with best practices and relevant regulations.

By partnering with us, you can build a culture of data security and ensure your organisation remains compliant in this ever-changing landscape.

With a focus on clear communication, shared goals, and a collaborative approach, data protection and engineering teams can work together to safeguard sensitive information and build trust with your users to ensure you can successfully communicate between privacy and IT Teams. Get in touch with us today!

GDPR for Small Business: Data Protection Explained

In March, our Data Protection Made Easy podcast hosts, Jasmine Harrison, Joe Kirk and Phil Brining, discussed the challenges small and large businesses face when complying with GDPR. 

Data protection is considered a significant burden for small businesses. Resource constraints, compliance hurdles and a general lack of awareness make GDPR compliance seem like a distant goal.  

But it doesn’t have to be. 

This guide will help you learn about the UK GDPR,  your obligations as a small business and what you must do to comply. 

What Is GDPR? 

The General Data Protection Regulation (GDPR) is a law safeguarding EU citizens’ rights around how organisations collect and store their personal data. It came into law in May 2018 but no longer applies to UK citizens after Brexit in 2020.

Instead, the UK have the Data Protection Act (DPA) 2018, which follows the same GDPR requirements with some slight modifications. The UK GDPR applies to UK organisations and those planning to sell to individuals in the UK. 

Does GDPR Apply to Small Businesses?

Regulations, like fire safety, health and safety and tax, apply to every new and existing business. But what about the UK GDPR?

This regulation impacts any business that handles, processes or stores personal data. This can include information about your employees, customers or third parties. 

As a UK business, you must pay a data protection fee to the Information Commissioner’s Office (ICO) for processing personal data. Charities and small and medium-sized businesses pay £40-£60 a year. The yearly fee will increase to £2,900 for companies with a higher turnover and a larger team of employees. 

By paying this fee, your business will appear on ICO’s register, showing customers that your business prioritises data security. 

Personal Data & Sensitive Personal Data 

The UK GDPR defines ‘personal data’ as:

“‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Article 4(1)

Simply put, personal data refers to information about an individual (or ‘data subject’). What data this includes, however, isn’t exactly clear. The context of how you’ve collected information also matters when deciding whether it’s classed as personal data. 

As a small business, you would’ve already collected several pieces of information on a single data subject. When put together, all this data can be used to identify the person. Personal data can include name, surname, home or email address, location data and an IP address.

Sensitive personal data, or special category data, includes information about an individual’s race, ethnicity, political opinions, religious beliefs or health history. Explore the full list of sensitive data in ICO’s complete guide. If you’re collecting this data, you need a clear reason for doing so. 

What Are Your Legal Obligations?

If your business processes and stores customers’ personal data and is located in the UK, you must meet the requirements of the UK GDPR. 

If you plan to sell to customers in the EU, you must comply with the EU GDPR. This also applies if you are based in the EU and selling in the region. 

Non-compliance can risk fines of up to £17.5 million or 4% of your global turnover (whichever is higher) in the UK. 

Getting Started with GDPR Compliance

Here are our top tips for complying with UK GDPR for small businesses:

  1. Start data mapping – Identify and document all the personal data you collect in your organisation. Define the purpose and lawful process for handling and processing each category. Data mapping is a key part of a successful GDPR audit
  2. Conduct a Data Protection Impact Assessment (DPIA) – A DPIA is a risk assessment required under the UK GDPR for specific types of processing. These assessments will identify and prevent potential risks to data processing.
  3. Assign a Data Protection Officer (DPO) –  A DPO is your dedicated GDPR expert. They’ll ensure compliance throughout your team and organisation. Our DPO Lite Service is ideal for small businesses needing straightforward support. 
  4. Train Your Employees – Whether you’re a team of one or ten, your employees must have the skills, knowledge and experience to maintain compliance. Our GDPR training covers key areas like ROPAs, SARs and data breach management. 

Is Your Business GDPR Compliant? 

Ensuring GDPR compliance early on will allow your small business to mitigate any data protection and privacy challenges before they become too complex.

Partner with Data Protection People to start your journey to GDPR compliance. Reach out to our team to learn more

Want to learn more? Listen to part 1 on data protection challenges for businesses on Spotify, Apple, Deezer or directly in our Resource Centre 

How To Complete A ROPA

Record of Processing Activities (ROPA): Ensure Compliance and Build Trust

Experts at Data Protection People host a training program designed to show you How To Complete A ROPA and more importantly how to maintain one.

Uncertain about navigating the complexities of Records of Processing Activities (ROPA)? Our comprehensive ROPA training program empowers you to create and maintain accurate records, demonstrating compliance with the UK General Data Protection Regulation (UK GDPR) and building trust with stakeholders.

This SEO-optimized page dives deep into the ROPA training program, equipping you with the knowledge to confidently manage your organization’s ROPA.

Understanding Records of Processing Activities (ROPA)

A Record of Processing Activities (ROPA) serves as a central resource for documenting your organization’s data processing activities. This record acts as a vital tool for:

  • Demonstrating compliance with data protection regulations, particularly the UK GDPR.
  • Enhancing transparency regarding how personal data is processed within your organization.
  • Facilitating accountability for data processing practices.

By maintaining an accurate and up-to-date ROPA, you can foster trust with stakeholders and ensure responsible data governance.

ROPA Training: Equip Yourself for Effective Management

Our ROPA training program provides a structured learning experience, equipping participants with the essential knowledge and skills to manage ROPAs efficiently. Here’s a breakdown of the key course modules:

  • Introduction to Records of Processing Activities: Gain a solid foundation in ROPA concepts, its purpose, and its significance in ensuring data protection compliance.
  • Legal Basis for Processing: Delve into the crucial concept of legal basis for processing personal data. Understand the various legal bases outlined in the UK GDPR and how to determine the appropriate basis for your organization’s activities.
  • Types of Data Processing Activities: Explore the diverse range of data processing activities that may occur within your organization. Learn how to effectively assess and document these activities in your ROPA.
  • Information to Include in ROPA: Grasp the specific details required for an accurate and compliant ROPA, as mandated by Article 30 of the UK GDPR. This includes understanding the purpose of processing, data subject categories, data transfers, and more.
  • Maintaining and Updating ROPA: Develop the skills to keep your ROPA current and accurate. Understand the circumstances that necessitate updates and learn best practices for maintaining a comprehensive record.
  • ROPA as a Compliance Tool: Discover the significant role ROPA plays in demonstrating compliance with data protection regulations. Learn how an up-to-date ROPA facilitates audits, fosters trust, and enhances data governance practices.
  • Practical Examples and Exercises: Engage in practical exercises designed to solidify your understanding of ROPA concepts. Apply your knowledge to real-world scenarios and reinforce your skills in identifying legal basis, documenting activities, and updating your ROPA effectively.
  • Q&A and Conclusion: Participate in a dedicated Q&A session to address any uncertainties or questions you may have regarding ROPA implementation. The course concludes with a summary of key takeaways and additional resources to support your ROPA management journey.

Who Should Attend this Training?

This program is ideal for professionals involved in data protection, including:

  • Data Protection Officers (DPOs)
  • Department Heads
  • Privacy and Compliance Professionals
  • Legal and Regulatory Experts
  • IT and Security Managers
  • Anyone responsible for international data transfers and UK GDPR compliance

Invest in Confidence and Compliance

By investing in ROPA training, you empower yourself and your organization to confidently manage data processing activities and demonstrate compliance with data protection regulations. This not only builds trust with stakeholders but also fosters a culture of data responsibility.

Contact us today to learn more about our ROPA training program and how it can benefit your organization.

Delivery Duration: 3 Hours Delivery Method: Microsoft Teams / In-House* (minimum of 12 participants required, additional cost may apply)

Contact Information:

Don’t miss out on this opportunity to gain the knowledge and skills to manage your organization’s ROPA effectively!

Become a Data Champion

Become a Data Champion With Our Expert Led Training

Are you looking to foster a data-compliant environment within your organisation? Our comprehensive training program equips individuals with the necessary skills and knowledge to champion data protection best practices across all departments.

This SEO-optimised page provides a detailed breakdown of the Data Champion program, along with the crucial role Data Champions play in ensuring responsible data handling.

What is a Data Champion, and Why Are They Important?

A Data Champion is an individual designated within an organisation to promote data protection awareness and compliance. They act as a central point of contact for data privacy matters within their assigned departments or sections. Data Champions play a vital role in:

  • Educating colleagues on data protection principles and regulations like the UK General Data Protection Regulation (UK GDPR).
  • Identifying and mitigating data privacy risks.
  • Implementing and maintaining data protection policies and procedures.
  • Supporting colleagues in handling data subject requests.
  • Promoting a culture of data responsibility within the organisation.

By empowering individuals as Data Champions, organisations can cultivate a more proactive approach to data protection, fostering trust and transparency with stakeholders.

Data Champion: Equip Yourself for Success

Our Data Champion training program provides a comprehensive learning experience, equipping participants with the essential knowledge and skills to excel in their role. Here’s a closer look at the course curriculum:

  • Understanding Data Protection and UK GDPR: Gain a solid foundation in data protection principles and the UK GDPR, ensuring compliance with relevant regulations.
  • The Role of the Data Champion: Delve into the specific responsibilities of a Data Champion, including relationship management with the Data Protection Manager and colleagues within assigned departments.
  • Data Protection Impact Assessments (DPIAs): Master the DPIA process, including its purpose, risk identification methods, and completion timelines.
  • Handling Personal Data Breaches: Learn how to effectively manage and respond to data breaches in accordance with regulations and best practices.
  • Managing Subject Access Requests (SARs): Develop the skills to process and respond to SARs, upholding individuals’ rights regarding their personal data.
  • Records of Processing Activities (ROPAs): Gain the knowledge to create and maintain accurate RoPAs, ensuring transparency in data processing activities.

In addition to these core modules, the course covers a wider range of data protection topics, including:

  • General Data Protection Regulation (GDPR) and the Data Protection Act 2018
  • Definitions of personal data and data subjects
  • Roles of data controllers and data processors
  • Data processing principles
  • Special category data
  • Data protection by design and by default
  • Information rights
  • Lawful processing
  • Accountability and governance

Who Should Attend this Training?

This program is ideal for:

  • Section/Department Managers and Leaders
  • Individuals within data protection (DP) roles seeking to upskill
  • Professionals transitioning into DP roles

Investing in Your Data Protection Future

By investing in Data Champion training, your organisation empowers individuals to become data privacy advocates. This not only fosters compliance but also builds trust and transparency with stakeholders.

Contact us today to learn more about our Data Champion training program and how it can benefit your organisation.

Delivery Duration: 4 Hours Delivery Method: Microsoft Teams / On-Site (additional costs and minimum participants apply)

Contact Information:

Don’t miss out on this opportunity to empower your team and champion data protection within your organisation!

Want to get a taste of our training? Check out the Data Protection Made Easy podcast.

Bridging The Gap

Bridging The Gap – Building Successful Collaborations Between IT and Privacy Teams

Listen to the full podcast here:

During last week’s episode of the Data Protection Made Easy Podcast, we were thrilled to welcome Rebecca Balebako, a Privacy Engineer with extensive experience in the field. Rebecca joined our hosts Joe, Jasmine, and Philip for a lively discussion on the critical collaboration between IT and Privacy teams.

Why Collaboration Matters

A successful business thrives on a strong partnership between IT and Privacy teams. This episode dives deep into how these seemingly separate entities can work together seamlessly to achieve a common goal: data protection.

Key Takeaways from the Discussion

  • Shared Objectives: Both IT and Privacy share the responsibility of safeguarding data. By fostering open communication and understanding each other’s roles, they can develop effective strategies to achieve this goal.
  • Breaking Down Silos: Historically, IT and Privacy teams may have operated independently. This episode emphasises the importance of breaking down these silos and fostering a collaborative environment.
  • Privacy by Design: Integrating privacy considerations from the very beginning of IT projects strengthens data protection measures.

Join Our Community

Subscribe below to receive weekly invites to our live discussions. Here, you’ll benefit from:

  • Networking: Connect with other data protection enthusiasts.
  • Shared Resources: Gain access to tools and resources designed to simplify data protection tasks.
  • Live Chat: Ask questions directly to our experts and fellow listeners during the show.
  • Polls & Insights: Participate in interactive polls and gain valuable insights from data protection statistics.

Flexible Options to Suit Your Needs

We alternate between two session formats:

  • Topic Sessions: Like this episode, we take a deep dive into a specific area of data protection or cybersecurity.
  • GDPR Radio: Our expert hosts discuss the latest data protection news, offering insights and tips to address current challenges.

You can choose the sessions that most interest you! With roughly 100 data protection enthusiasts joining us live each week, you’re sure to find a vibrant and informative community.

Listen On-the-Go

Catch up on previous episodes wherever you are! We’re available on Spotify, Youtube, and Amazon Music. Our lighthearted and casual approach makes data protection understandable and engaging, perfect for listening at the gym, during your commute, or even while cooking.

Join us each Friday for insightful discussions and stay ahead of the curve in the ever-evolving world of data protection.

Looking Ahead

Next week, tune in for an episode of GDPR Radio featuring Jasmine Harrison, Joe Kirk, and Philip Brining. Register for upcoming events on our events page or reach out to us on LinkedIn.

 

GDPR Radio – Episode 164

Data Protection Made Easy Podcast: GDPR Radio – Episode 164

Deep Dive into Facial Recognition, Mental Health, and Legal Basis

This week’s episode of the Data Protection Made Easy podcast (GDPR Radio – Episode 164) tackles critical data privacy issues impacting our world today. Join hosts Jasmine Harrison and Joe Kirk as they delve deeper than ever before, offering insights and practical takeaways.

Key Topics Discussed:

Facial Recognition and Bias

Facial recognition technology is rapidly advancing, but concerns linger about potential bias within AI systems. Jasmine and Joe unpack this complex issue, exploring:

    • Real-world examples of facial recognition bias in the news.
    • The impact of biased algorithms on individuals and society.
    • Mitigation strategies to ensure responsible development and deployment of facial recognition technology.

Data Sharing for Mental Health Emergencies

The Information Commissioner’s Office (ICO) recently issued new guidance on data sharing in mental health emergencies. This episode dives into:

    • The key takeaways from the ICO’s guidance.
    • Balancing data protection principles with supporting employee well-being during a crisis.
    • Practical tips for organisations on developing a data sharing policy for mental health emergencies.

Lawful Basis for Data Sharing

Jasmine takes a deep dive into a specific case study involving the BearTrue blue app. This case raises important questions about:

    • Identifying the appropriate lawful basis for data sharing in different scenarios.
    • Applying data protection principles to real-world situations.
    • The importance of understanding legal frameworks to ensure data sharing compliance.

Beyond the Headlines:

This episode goes beyond simply summarising the news. Jasmine and Joe use their expertise to:

Expand Your Data Protection Knowledge:

Don’t miss this opportunity to gain valuable insights from data protection experts! This episode equips you with the knowledge to navigate the ever-evolving world of data privacy with confidence.

The DPDI Bill

Bashing the Bill – A Deep Dive into The DPDI Bill (Episode 163)

DPDI Bill Under the Microscope: A Livestreamed Discussion with Data Protection Experts

Our most popular episode yet, “Bashing the Bill” (Episode 163), tackled the controversial Data Protection and Digital Information (DPDI) Bill with a bang! Held in front of a live audience of over 150 listeners and now topping the charts on Spotify, this episode delved deep into the implications of this new legislation.

Join the Conversation: Become a Data Protection People Subscriber

Intrigued by the DPDI Bill and its potential impact? Want to stay ahead of the curve on data protection issues? By subscribing to Data Protection People, you gain exclusive access to weekly invites for our live events, including in-depth discussions like “Bashing the Bill.” This allows you to not only tune in to expert discussions but also actively participate by asking questions and engaging in the lively chat function alongside our 1200+ subscribers from diverse backgrounds.

Is the DPDI Bill Fit for Purpose? Our Experts Weigh In

“Bashing the Bill” featured a dynamic conversation with our data protection experts, Jasmine Harrison, Joe Kirk, and Phil Brining. They dissected the key provisions of the DPDI Bill, sparking a critical analysis of its potential consequences. Here are some of the key questions explored:

What is the DPDI Bill and Why Should You Care?

The DPDI Bill is a significant piece of legislation that amends existing data protection regulations in the UK. Its aim is to streamline data processing procedures and potentially reduce compliance burdens, particularly for smaller businesses. However, the potential impact on individual privacy rights has sparked critical discussions.

Key Provisions of the DPDI Bill Explained

Here’s a breakdown of some key provisions in the bill and the potential consequences:

  • Subject Access Requests (SARs): The bill introduces changes to SARs, which allow individuals to access the data companies hold on them. Critics worry these changes cou make it harder to obtain information, hindering your ability to understand how your data is being used.
  • Data Sharing and National Security: The bill allows for broader data sharing under the umbrella of “national security” and “crime prevention.” This raises concerns about increased government surveillance powers, with limited clarity on how this data reuse will be restricted.
  • Information Commissioner’s Office (ICO) Oversight: The bill grants the government more control over the ICO, the data protection regulator. This could limit the ICO’s ability to hold companies accountable for data breaches or data misuse, potentially reducing transparency and accountability.

Controversial Aspects of the DPDI Bill

Experts, Jasmine Harrison, Joe Kirk, and Phil Brining, delved into the controversial aspects of the bill during the episode:

  • Weakening Privacy Safeguards: The potential for less robust data protection measures due to streamlined processes is a major concern. Striking a balance between simplification and strong data protection practices is crucial.
  • Reduced Individual Control: The potential for making it harder to access your personal data and hold organizations accountable raises concerns about individual privacy rights taking a backseat to business interests.
  • Unclear Exemptions and Ambiguities: The bill introduces a range of exemptions and limitations on data protection obligations. The sheer volume and potentially vague wording could create difficulties for individuals to understand their rights and for businesses to comply responsibly.

The Live Audience Discussion: A Hive of Activity

The live audience of over 150 participants actively engaged in the discussion through the chat function:

  • Will the DPDI Bill make data breaches more common?
  • How can individuals protect themselves under the new regulations?
  • What does the bill mean for the future of data protection in the UK?

Our experts addressed these questions and many more, fostering a space for informed discussion and empowering individuals with knowledge.

Join the Data Protection People Community: Stay Informed, Take Action

By subscribing to our platform, you gain access to valuable resources, including:

  • Live Q&A sessions and in-depth podcasts: Deepen your understanding of the DPDI Bill and other data protection topics through expert discussions.
  • Practical guidance and actionable tips: Learn how to protect your personal information and hold organizations accountable for responsible data practices.
  • A supportive community of privacy advocates: Connect with over 1200 individuals who share your concerns about data privacy. Together, we can be a powerful voice for change.

Don’t miss out! Subscribe to Data Protection People today and empower yourself with data protection knowledge. Let’s navigate the evolving data protection landscape together and ensure a future that prioritizes both individual privacy and responsible data use.

GDPR Radio – Episode 162

GDPR Radio – Episode 162

Data Protection News of the Week – 15th March 2024

Welcome back to Data Protection People! This episode of our podcast tackles a topic that’s been generating a lot of buzz.

As always, your expert hosts, Jasmine Harrison, Phil Brining, and Joe Kirk, are here to guide you through the intricacies of this new legislation. They pack a lot into this week’s session, from breaches to fines. Tune in to episode 162 and learn more.

A Deep Dive into the DPDI Bill

The episode dedicates significant time to dissecting the different aspects of the DPDI Bill. Here are some of the key areas our hosts explore:

  • Impact on Businesses: A core focus is on how the bill affects businesses of all sizes. The hosts discuss potential changes in compliance requirements, how the bill might simplify processes for smaller organisations, and what larger entities need to consider for continued compliance.
  • Transparency and Individual Rights: The conversation delves into how the DPDI Bill addresses individual rights regarding data access and control. Listeners can expect insights on potential changes to Subject Access Requests (SARs) and how the bill might impact individuals’ ability to understand and manage their personal information.
  • Data Security and Enforcement: Data security remains a top priority. The episode explores how the DPDI Bill might strengthen data security measures and enforcement actions by the Information Commissioner’s Office (ICO).
  • The Future of Data Protection: Our hosts don’t shy away from discussing the broader implications of the DPDI Bill. They analyse how this new legislation might shape the future of data protection regulations in the UK and beyond.

Beyond the Bill: Additional Insights

While the DPDI Bill takes centre stage, Episode 162 doesn’t stop there. The ever-resourceful Data Protection People team throws in some bonus insights for their listeners:

  • ICO Fines in Focus: The episode dives into recent high-profile ICO fines, dissecting the lessons learned and how they can help organisations avoid similar pitfalls. This analysis equips listeners with practical strategies to strengthen their data protection practices and minimise the risk of regulatory action.
  • Recent Breaches That Made Headlines: Data breaches continue to be a major concern. Episode 162 explores some of the most recent and impactful breaches that have made headlines. By analysing the causes and consequences of these breaches, the hosts provide valuable insights on how organisations can improve their data security posture and prevent similar incidents.
  • Developing Technologies and Our Expert Opinions: The world of data protection is constantly evolving, with new technologies emerging all the time. The episode features insightful discussions from your trusted hosts on how these developing technologies impact data privacy. They share their expert opinions on the potential challenges and opportunities presented by these advancements, helping you stay ahead of the curve.

Stay Informed, Stay Compliant

The Data Protection and Digital Information Bill is a significant development in the world of data protection. By tuning into Episode 163 of Data Protection People, you can gain a comprehensive understanding of this new legislation. The episode equips you with the knowledge and insights you need to navigate the changing data protection landscape. Ensure your organisation stays compliant: tune in here: Bashing The Bill – Spotify 

Would you like to listen to future episodes of the Data Protection Made Easy Podcast Live? Visit our events page.

Our Events & Webinars

Industry Leading Discussions

We host events on a weekly basis for the community of data protection practitioners and have built up a network of over 1200 subscribers, who tune in each week to listen to discussions about the hot topics from the fast-paced and evolving world of data protection and cyber security. Check out our upcoming events and become part of our growing community.

View All
17 May 24 12:30 - 1:30 pm

Collaboration Between Security & Privacy Teams

19 April 24 12:30 - 1:30 pm

Shield Your Organisation from Cyber Attacks

Get Support With Data Protection And Cyber Security

Our mission is to make data protection and cyber security easy: easy to understand and easy to do. We do that through the mantra of benchmark, improve, maintain.

Hidden
Hidden