UK data protection reform, key updates from the Data Use and Access Act Significant reforms to UK data protection and ePrivacy law take effect on 5 February 2026 under the Data (Use and Access) Act 2025 (DUAA). The Act amends rather than replaces the UK GDPR, Data Protection Act 2018, and the Privacy and Electronic…

STAIRs – Frequently Asked Questions Last week we hosted our largest Data Protection People event to date, welcoming 80 housing professionals to a dedicated STAIRs session focused on transparency, accountability, and the practical realities of compliance in social housing. We were joined by a brilliant guest speaker, Sian Green from Yorkshire Housing alongside sessions from…

Why Data Protection Day Matters in 2026 and How Organisations Can Use It to Build Trust Data Protection Day is more than a date in the calendar. In 2026, it has become a vital reminder for organisations to pause, reflect and strengthen how they protect personal data in an increasingly complex digital world. With artificial…

Most businesses deal with data, whether that’s collecting it for marketing, generating it through customer purchases or processing it for payroll. Without a robust data privacy culture, your business is at risk of accidental data breaches, attacks from hackers and non-compliance with GDPR regulations.  In this article, we’ll discuss the steps you can take to…

Whether it’s clicking a link in a phishing email or sending sensitive data to the wrong person, it’s often a simple error that could leave your business dealing with financial losses and reputational damage due to a major data breach or cyber attack. In this article, we’ll look at five small habits that can have…

Synthetic data is a solution to the tension between the need for real data to train AI, test systems and run analytics, and the need to stay compliant and protect individuals’ data. If you’re worried about using sensitive personal information and GDPR, this could be the answer you’re looking for.  In this article, we’ll talk…

GDPR for Sports Clubs: Why Standard Compliance Advice Doesn’t Work (And What Does) How sports organisations can navigate data protection challenges with a framework built specifically for the sector. Three sports clubs. Three data breaches. Same problem: nobody knew what to do next. A Premier League academy discovers staff have been accessing player medical records…

Social Tenant Access to Information Requirements (STAIRs): What Housing Associations Need to Know From October 2026, social housing providers in England will face a new statutory transparency framework known as the Social Tenant Access to Information Requirements, commonly referred to as STAIRs. The regime introduces formal rights for tenants of housing associations and other private…

UK-EU Cyber Dialogue: Strengthening Joint Cybersecurity Cooperation The third UK-EU Cyber Dialogue took place in Brussels on 9 and 10 December 2025, bringing senior officials from the United Kingdom and the European Union together to advance cooperation on cyber security policy, regulatory alignment and operational resilience. Held under the framework of the UK-EU Trade and…

US Travel Proposal Raises Data Protection Concerns for UK Tourists UK tourists planning a trip to the United States may soon face new and far-reaching data collection requirements. A proposal published by US authorities suggests that visitors from visa waiver countries, including the UK, could be required to provide up to five years of social…