Category Archives: Uncategorized

GDPR and Employee Data: H&M Fined 35 Million Euros

On 2nd October 2020, the Hamburg Commissioner for Data Protection and Freedom of Information (Hamburg DP Commissioner) imposed a 35.3 million Euros fine on H&M Hennes &Mauritz for serious breaches of the General Data Protection Regulation (GDPR) at its service centre in Nuremberg. Specifically the … Continue reading

Posted in Uncategorized | Leave a comment

The British Airways Data Breach Fine

The ICO has finally issued a fine to British Airways (BA) for a cyber security breach which saw the personal and financial details of more than 400,000 customers being accessed by attackers.   £20 million is a lot of money, even for British Airways, and especially in a global pandemic which has seen all airlines struggle financially. However it is a far cry from … Continue reading

Posted in Uncategorized | 1 Comment

Cyber Security and GDPR Compliance

Olu Odeniyi writes… Data Protection Officers (DPOs), and others who work in data protection, will know that a fundamental requirement of GDPR is to protect personal data ”against accidental loss, destruction or damage, using appropriate technical or organisational measures” as stipulated in … Continue reading

Posted in cyber security, Uncategorized | Tagged | 1 Comment

The Scottish Information Commissioner’s Annual (FOISA) Report 2020

The Scottish Information Commissioner, Daren Fitzhenry, recently published his Annual Report and Accounts for the year 2019-20. It is available to read and download from the Commissioner’s website. Mr Fitzhenry enforces the Freedom of Information (Scotland) Act 2002  (FOISA) as well as the Environmental Information (Scotland) … Continue reading

Posted in FOISA, Scotland, Uncategorized | Tagged , | Leave a comment

Data Protection Challenges of Remote Working

In March 2020, businesses found themselves having to quickly adapt to managing a remote workforce. The IT department felt the pressure to create the infrastructure to enable this and information security teams looked for ways to effectively monitor the network … Continue reading

Posted in coronavirus, COVID-19, Remote Working, Uncategorized | Tagged , , | 1 Comment

Brexit, Trade Deals and GDPR: What happens next?

Regardless of whether we have a Brexit trade deal with the EU, GDPR and the Data Protection Act 2018 are here to stay. There will however be some changes to prepare for and a new title for GDPR to get used to.  The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) … Continue reading

Posted in Brexit, EU, Schrems, Uncategorized | Tagged , , | 2 Comments

The Importance of a DPIA

A Data Protection Impact Assessment (DPIA) helps Data Controllers identify the most effective way to comply with their GDPR obligations and reduce the risks of harm to individuals through the misuse of their personal data. A well-managed DPIA will identify problems and allow them … Continue reading

Posted in dpia, Uncategorized | Tagged | Leave a comment

In House Training in the Age of a Global Pandemic

The first thing to suffer when there is a pandemic requiring social distancing and remote working is training courses particularly those that are off site. Gone are the days when employees could take time out of the office to sit in a hotel with others to talk about GDPR compliance … Continue reading

Posted in Uncategorized | Leave a comment

British Airways: Proposed GDPR Fine Likely to be Reduced

In July 2019, the Information Commissioner’s Office (ICO) signalled its intention to use its powers to issue to issue Monetary Penalty Notices (fines) under the General Data Protection Regulation (GDPR).  Two Notices of Intent were issued with much fanfare. One … Continue reading

Posted in GDPR, Uncategorized | Tagged , , , | Leave a comment

The Schrems II Judgement

On 16th July 2020 the Court of Justice of the European Union (CJEU) delivered the landmark judgment in Case C‑311/18 Data Protection Commissioner v Facebook Ireland Ltd., and Maximillian Schrems, also known as “Schrems II”. This case will have a … Continue reading

Posted in International transfers, Uncategorized | Tagged , , | 2 Comments