25 03, 2024

Why Small Businesses Can’t Ignore Data Protection and information security

Many small business owners think they are too small to be a target for cyber criminals, but the truth is that companies of all sizes face major risks when it comes to data breaches and a lack of information security procedures. Failure to properly secure customer data can result in severe penalties, legal liability, and a devastating loss of customer trust. The Devastating Impact for One Small Retailer We took a call this week from a [...]

1 03, 2021

GDPR Basics 1 – I’ve read the information on the ICO website and I’m still confused

“I’ve read the information on the ICO website and I’m still confused.” We hear this so often through our helpline. It’s not the fault of the ICO website; it is trying to meet the needs of all organisations, from big to small and complex to simple, and sometimes it just doesn’t provide the level of advice that someone needs. Also, the language can be confusing, and organisations frequently struggle to understand the implications for their [...]

20 01, 2020

Should I be registered with the ICO?

Do you need to register with the Information Commissioner's Office (ICO)? The ICO is the supervisory body for the UK with regard to data protection matters. Under the old Data Protection Act the ICO had a list of Data Controllers. The need to maintain a list of Data Controllers disappeared with GDPR, but in order to fund the ICO, a bill was passed which means that the ICO maintains a register of fee payers. [...]

10 11, 2019

Email data breaches – Easily avoided

It's happened again. One of the most common data breaches and one which is easily avoided has happened to West Berkshire Council. So what happened? Someone sent an email to 1,107 people about a leisure centre survey and didn't hide the email addresses. As a result, everyone getting the email could see who else it had been sent to. It's really disappointing when these types of data breaches occur as they could so easily [...]

2 10, 2019

Who can be your Data Protection Officer?

Once you know whether your organisation needs a Data Protection Officer (DPO), you then need to decide who can undertake the role. If you are not sure if you need a DPO, then read my blog post here to find out. Companies often ask us who is the best person to be the DPO? This comes down to who can match the requirements set out in GDPR. Under GDPR you should appoint a DPO [...]

5 08, 2019

Subject Access Requests – Do you know your obligations?

Another week, another data subject access request or SAR. We were contacted this week by an individual who wanted to know if an organisation had complied with their obligations. That's a bit unusual as it's usually organisations contacting us. On this occasion this individual had asked for their parents' care records from a care agency. The information had been provided but there was no explanation about the content. Care agencies are likely to receive [...]

16 05, 2019

Call Recording – Are you transparent about it?

My son has been looking for some specialist insurance recently which has meant a lot of phone calls from various brokers. The really interesting thing is that none of these brokers disclosed that they were recording the calls at the start of the conversation. Only when my son asked if they were recording the calls, did they say that they were. Not a lot of transparency there. One of the brokers directed him to [...]

4 03, 2019

Can the ICO get in touch with you?

Can the ICO get in touch with you? What happens if they use the email address on your website? Sometimes the ICO may wish to contact you. This may be if they have received a complaint from another person or organisation. Their first stop will be your website and they will probably use the email address shown there to send you an email. So what happens when you are not monitoring that email address? [...]

19 11, 2017

Think you won’t get caught if you don’t comply with GDPR? Think again.

I'm going to let you into a little secret. I can go to your website and just by looking at it, I can tell whether you comply with GDPR. It's not magic or clever. Once you know what GDPR requires of a business, anyone with that knowledge can go to a website and see if a business complies. Looking at a privacy notice will tell you whether they are meeting the latest requirements about [...]
