Data is by common consent the most valuable asset on Earth.

Just how safe is your information?

Data Protection

Data Protection Officers

DPOs must be impartial, be an authority in data protection, be adequately resourced and report to the highest management level.

Not all businesses need to appoint a DPO, but one is required for public bodies, or if you carry out certain activities. Your DPO will drive compliance, advise on data protection obligations and act as liaison with the supervisory authority (ICO). He/she will also perform an educational function and assist with identification of training requirements.

Any micros or SMEs that require guidance can contact Jason, who is an accredited DPO and is CIPP/E and CIPM trained.

DSAR

Article 15 of the GDPR deals with data subject access requests. The data subject can contact the controller (the entity that makes decisions about processing activities) to obtain, amongst other things, the following:

  • Confirmation that data is being processed;
  • Purpose of the processing;
  • Copy of all data held;
  • Third parties, if any, who will be in receipt of the data;
  • Period for which data will be stored.

ISO 27701

It is not currently possible for any company to confirm legal compliance with the GDPR. That void will be filled in time.

ISO 27701 only hit the market last year, but it affords the security-conscious the best option for aligning with the EU data protection and privacy regulation.

27701 is a Privacy Information Management System and cannot be certified to in isolation. You must do it concurrently with ISO 27001 or do it after you have implemented the Information Security Management System.

Breach

Data breaches are an inevitable consequence of commercial activity. It is more a case of when, not if. Allocation of funds to deal with breach response is vitally important.

Costs include threat isolation, formal (and in all likelihood forensic) investigation, legal counsel and PR communication. A budget will focus minds and attention.

Suitably trained staff play a pivotal part in any breach response. Employees must understand how and when to report suspicious incidents to their supervisors.

GDPR compliance checklist

The General Data Protection Regulation is now two years old. Ask yourselves a few of the following questions to get an understanding of your level of compliance…

– Is data protection by design and by default embedded into your processes and systems?
– Has the impact of Brexit been considered in your planning?
– Does a business data map show how data flows through and from your organisation?
– Do you have an information security policy?
– Do you have an audit plan to monitor all data processing activities and security controls?
