1. The Complete Guide to Data Protection Impact Assessments (DPIAs)

    Guide to Data Protection Impact Assessments

    What is a DPIA? A Data Protection Impact Assessment (DPIA) is a structured process used by organisations to identify, assess, and mitigate the potential data protection risks associated with projects involving the processing of personal data. DPIAs are especially critical when the planned data processing may…

  2. Understanding When You Can Refuse a Subject Access Request (SAR)

    When Can You Refuse a Subject Access Request (SAR)?

    Subject Access Requests (SARs) are a powerful tool for individuals, granting them the right to access their personal data held by organisations. Yet compliance with SARs can be challenging for organisations, particularly when requests are burdensome or potentially abusive. While it’s essential to respect…

  3. Using AI and Facial Recognition to Determine Age: Key Implications and Challenges

    Using AI and Facial Recognition to Determine Age

    Artificial intelligence (AI) and facial recognition technologies continue to evolve and are being used for a surprising range of applications, including determining a person’s age. From verifying age for restricted purchases to protecting minors online, age-detection technology…

  4. Data Protection Relationships – Understanding the complex relationships in data protection

    Understanding the complex relationships in data protection

    In the complex landscape of data protection, knowing whether you are a data controller, joint controller, or processor is essential. This clarity ensures that you comply effectively with UK data protection laws. Controllers decide how and why personal data is processed. Processors handle data…

  5. How to Demonstrate Accountability for GDPR Compliance?

    Accountability is one of the most significant principles of the UK GDPR. It shows your clients, key stakeholders and employees that you’re committed to protecting personal data and take data protection seriously. But how do you show accountability in practice? Previously, we covered example ways that guide this, and now, we’ll explore each method…

  6. Cookie Compliance: Essential Considerations for Organisations

    Cookie Compliance

    Cookies are essential for enhancing user experiences and driving personalised marketing. However, they come with stringent compliance requirements under the UK’s Privacy and Electronic Communications Regulations (PECR) and UK GDPR. To help organisations utilise cookies effectively and legally, this guide provides a comprehensive overview of what cookies are, the…

  7. How to Write a GDPR Data Protection Policy

    As part of your accountability obligations, you should implement appropriate procedures, policies and measures to minimise risk and promote high standards across your organisation. A data protection policy is one way to demonstrate compliance with the UK GDPR. In this blog, we explain this policy, why it matters and what to include when writing one. …

  8. PCI DSS v4.x E-commerce Security

    New PCI SSC Guidance on PCI DSS v4.x E-commerce Security: What You Need to Know

    The PCI Security Standards Council (PCI SSC) is once again stepping up its efforts to bolster security in e-commerce environments. To help organisations navigate these requirements in PCI DSS v4.0.x, the PCI SSC will soon release guidance aimed at e-commerce…

  9. ICO’s AI Recruitment Audit

    ICO Issues Critical Recommendations to Improve Data Protection in AI-Powered Recruitment

    The Information Commissioner’s Office (ICO) recently released a comprehensive report on AI recruitment tools, sharing over 300 recommendations to protect job seekers’ information rights. With AI systems increasingly used to streamline recruitment tasks such as screening resumes and scoring candidates, these tools present both…

  10. Data Protection Gap Analysis: The Essential Guide to Your GDPR Audit

    Data Protection Gap Analysis

    In the landscape of data protection, conducting a Data Protection Gap Analysis is a critical step for any organisation looking to strengthen its compliance with the General Data Protection Regulation (GDPR). A gap analysis not only identifies vulnerabilities but also sets the stage for…
