‘Reactive’ and ‘data protection’ are two phrases that no organisation wants to have sitting near each other, but with businesses facing more and more pressures, how can adopting a ‘data protection by design’ approach help organisations move to, and sustain a proactive approach to data protection? What is Data Protection by Design? Data Protection by […]
Data Protection by Design – the key principles Read More »
With organisations facing growing challenges to ensure compliance with data protection laws and evidencing accountability a risk register is essential to identify, assess, prioritise and mitigate risks related to the handling, processing, and storage of personal data. Eight components of a Risk Register: Benefits of a risk register include: In using a risk register organisations
Data Protection Compliance: The Importance of a Risk Register Read More »
A Record of Processing Activities (ROPA) is a document that provides a comprehensive overview of how personal data is collected, processed, stored and transferred within an organisation. For some organisations it is a current EU and UK GDPR obligation but equally, a well-maintained ROPA brings a multitude of benefits to an organisation. The Data Protection
Making a record of processing activities (ROPA) work for your organisation Read More »
During the DPN webinar on 21st February panellists Mark Roebuck, Robert Bond, Louise Garrett-Cox and Simon Blanchard took on a host of topics and questions ranging from “what are data assets and IARs,” to “how do I see the value of a ROPA and gain stakeholder buy-in”. Here we summarise 5 key takeaways from the
IAR, ROPA and Stakeholder buy in – 5 key takeaways from the DPN webinar Read More »
As a business the task of safeguarding valuable assets has, and continues to become more challenging with technology and information continually evolving.
Maximising Security and Efficiency: The Importance of an Information Asset Register Read More »
A data subject access request is key to data subjects gaining access to their data. This is a fundamental right of individuals under the Data Protection Act (2018). Whatever business you are in, if you hold personal data, you will probably receive a Data Subject Access Request (DSAR) at some point. Thanks to improved data protection awareness
Data Subject Access Requests Read More »
A Data Protection Impact Assessment (DPIA) is a process that is undertaken when you believe that the activity that you are undertaking has the potential to create a high risk to the data subject. Within ProvePrivacy, we provide you with a high risk assessment tool to help to determine if a DPIA might be required. The process
Data Protection Impact Assessment Read More »
Sharing data or transferring personal data to a data processor requires an element of due diligence to take place in order to ensure that data subjects remain protected. One of the main concerns is to ensure that a compliant contract is in place between the data controller and the data processor. All processing by a
Transferring Personal Data to a Data Processor Read More »
Sensitive personal data (sometimes called special category data) under GDPR is deemed higher risk and whilst it is important that all personal data is protected, there are certain activities or categories of personal data which might present a higher risk to the data subject if they were to be mistreated. These are detailed within the regulation and if
Sensitive Personal Data Read More »
A Record of Processing Activities (ROPA) is a requirement for some organisations under Article 30 of the GDPR. Its purpose is to help demonstrate that an organisation processes personal data in accordance with the data protection principles. It identifies how the organisation processes personal data and the activities which it undertakes. Contents of the Record of Processing Activities
Record of Processing Activities Read More »
If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.
Prefer to schedule a 15 minute call? Schedule call today >>
