Introduction GDPR introduced and changed the UK and European privacy rules exponentially. The inclusion of Article 25, ‘Privacy by Design’ and ‘Privacy by Default’, formed the basis of embedding global data privacy compliance management into everyday operations and...
A personal data breach is a security breach “leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data,” (GDPR, Article 4.12). All data breaches whether reportable or not require the completion of...
Many manufacturers and retailers of IoT devices don’t realise that these devices fall under the purview of data privacy regulations. As data regulators turn their attention to IoT devices, manufacturers and retailers must take steps to stay ahead of developing global...
The proposed U.S. Federal Privacy Law ADPPA was introduced in the U.S. House of Representatives on June 3rd 2022. This represents the first time federal data privacy legislation in the United States has progressed to a full chamber vote. Significant...
Organisations understand the need to innovate and safeguard the personal and confidential data of their customers, employees, and business partners. Ensuring privacy and security through every phase of the data lifecycle (e.g., collection, use, retention, storage,...
The Legitimate Interest Impact Assessment is used to determine if an organisation can process data using the legitimate interest lawful basis. This article explains what lawful bases are under GDPR, and how to complete a legitimate interest assessment (LIA). 6 lawful...
