As a business the task of safeguarding valuable assets has, and continues to become more challenging with technology and information continually evolving.
Maximising Security and Efficiency: The Importance of an Information Asset Register Read More »
What is a Data Subject Access Request? A data subject access request is key to data subjects gaining access to their data. This is a fundamental right of individuals under the Data Protection Act (2018). Whatever business you are in, if you hold personal data, you will probably receive a Data Subject Access Request (DSAR) at some
Data Subject Access Requests Read More »
What is a Data Protection Impact Assessment (DPIA)? A Data Protection Impact Assessment (DPIA) is a mandatory legal process used to identify and minimize data protection risks for projects likely to result in high risks to individuals. Under the Data Protection Act (2018), organizations must conduct a DPIA before starting any high-risk processing to ensure
Data Protection Impact Assessment Read More »
What are the Legal Requirements for Sharing Data with a Data Processor? A Data Processor Contract is a mandatory legal agreement required whenever a Data Controller shares personal information with a third-party provider. Under the Data Protection Act (2018), this contract must specify the nature of the processing and include specific clauses that create a
Transferring Personal Data to a Data Processor Read More »
What is Sensitive Personal Data Under the Data Protection Act 2018? Sensitive Personal Data, also known as Special Category Data, is personal information that is inherently more private and requires higher levels of protection. Under the Data Protection Act (2018) and GDPR, processing this data is prohibited unless an organization meets specific legal conditions, as
Sensitive Personal Data Read More »
What is a Record of Processing Activities (RoPA)? A Record of Processing Activities (RoPA) is a mandatory legal document that outlines how an organization processes personal data. Under Article 30 of the GDPR, certain organizations are required to maintain a detailed inventory of their data processing operations, including the purposes of processing, data categories, and
Record of Processing Activities Read More »
What is Large Scale Processing under GDPR? Large Scale Processing is a critical regulatory classification under the GDPR used to identify data activities that involve significant volumes of personal information or affect a vast number of individuals. It is determined by assessing the number of data subjects, the volume of data, the duration of processing,
Large Scale Processing Read More »
What is a High Risk Assessment for Data Protection? A High Risk Assessment (HRA) is a mandatory screening process used to determine if a data processing activity is likely to result in high risks to individuals. Under the Data Protection Act (2018), organizations must conduct an HRA as a preliminary step to decide if a
High Risk Assessment Read More »
What are Supervisory Authorites in Data Protection? Supervisory Authorites are independent public bodies established by a Member State to oversee and enforce the application of data protection laws. Under Article 51 of the GDPR, these authorities are legally tasked with protecting the fundamental rights and freedoms of individuals regarding the processing of their personal data
Supervisory Authorities Read More »
What is a Data Protection Officer (DPO)? A Data Protection Officer (DPO) is a strategic leadership role required (in some circumstances) by the General Data Protection Regulation (GDPR) to oversee an organisation’s data protection strategy. The DPO ensures that the entity complies with the Data Protection Act (2018) by monitoring internal compliance, informing and advising
Data Protection Officer Read More »
If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.
Prefer to schedule a 15 minute call? Schedule call today >>
