Free Trial

THE PRIVACYPERFECT BLOG

Healthcare institutions and GDPR compliance in a digital world

May 7, 2020 2:33:10 PM / by PrivacyPerfect posted in EU, Data Privacy, Data Protection, Data Security, DPO, Data Protection Officer, GDPR Controller, gdpr2020, healthdata, healthcare

Digital transformation is and has been the focus of many organisations in the last couple of years, including those of the healthcare sector. This shift brings with it new, additional aspects for all areas, a major one being data protection. In the healthcare sector, where a huge amount of sensitive personal data is being processed on a daily basis, protection of this data has to be of top priority, with strict procedures, access controls, and guidelines on privacy. As such, compliance with the GDPR, within digitized care and cure organisations, is crucial. Let’s take a look at how you can ensure compliance for your healthcare organisation without disrupting the efficiency of your work.

Read More

GDPR Easy Read: Are CISOs facing even more challenges?

Mar 31, 2020 3:13:51 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, ciso, GDPR Easy Read

As a Chief Information Security Officer, you hold a vital role in protecting your organisation's most valuable data as well as their reputation. With experts suggesting the numbers of cyberattacks and data breaches to increase in the upcoming years, your role as a CISO could prove even more decisive. Recent reports have suggested that in the ever-growing pressure CISOs are met with, many are bridging cybersecurity and data privacy together.

This includes keeping up with the EU's GDPR and the numerous obligations it provides. As you continue to establish your organisation's visions, strategies and programs to ensure information assets are properly protected, how are you bridging data privacy compliance with cybersecurity? 

Read More

What benefits and opportunities does data minimisation hold for businesses?

Feb 19, 2020 12:54:25 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Breach, GDPR For Tech Companies, gdpr, gdpr2020, data minimisation

Back when the GDPR was still within the adaptation phase, data-driven organisations and public bodies that process personal data on a large scale found the new obligation of data minimisation to be a rather vague obstacle. The GDPR states that personal data shall be adequate, relevant, and not excessive in relation to the purpose or purposes for which they are processed, but this concept still often poses challenges for some firms. At the same time, data driven organisations continue to process and gather personal data on a large scale, where data minimisation could prove that ‘bigger’ might not necessarily always mean ‘better’: after over a year since the EU privacy regulation’s enforcement, we have now learned that data minimisation actually holds several benefits for organisations that decide to embed it into their practices. Before we start looking into what data minimisation can look like in practice, let’s take a look into what this concept entails exactly according to the GDPR. 

Read More

How has the GDPR strengthened email marketing?

Feb 7, 2020 10:49:09 AM / by PrivacyPerfect posted in GDPR Compliance, Data Privacy, Data Protection, Compliance, Data Consent, Marketing, Marketing under GDPR, gdpr2020

Back in the adaptation period of the GDPR between 2016 and 2018 May, many businesses were concerned that the new EU-privacy regulation might weaken their marketing efforts, especially in the field of email marketing.  As the GDPR puts several restrictions on why and how personal data can be collected and processed, previous forms of popular marketing techniques, such as building a database of prospects for years on end, and purchasing prospect lists, had to be changed and adjusted for compliance. These types of databases were used most typically for the email marketing efforts or organisations, therefore many believed that this aspect of business marketing might actually suffer from the new regulation. After over a year since the enforcement of the GDPR though, businesses reported several benefits of the GDPR in regard to marketing, through adapting a compliant email marketing strategy. So, what steps can your organisation take to make sure to enjoy these benefits, while strengthening your compliance?

Read More

Data Breaches: The Business Risk of the Decade

Jan 23, 2020 4:00:00 PM / by The Trust Bridge posted in EU, Data Privacy, Data Protection, GDPR Fines, Data Breach, gdpr, gdpr2020

Working across the information space in both the private, not for profit and the public sector, The Trust Bridge Senior Consultant, Carol Tullo, has seen the ecosystem of data policy expand and collide with the world of information rights. Carol states that “So many of us operating in this field have balanced the advantages of the open flow of data with the tensions in the safety and compliance safeguards that we expect, be it as individuals, family units or businesses” The access, storage and tracking of personal data has changed our worlds. Protecting our data and our individual profiles is what data protection is all about. This is not new.  

Data_breaches_business_risk_decade-1

Read More

GDPR Compliance is Becoming a Key Point for Brands

Jan 16, 2020 4:10:42 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, Compliance, GDPR for SMEs, Reputation, Reputation under GDPR, GDPR For Tech Companies, Marketing, Marketing under GDPR, gdpr 2019

Reports have indicated that people have become increasingly critical about their data on how it's stored and what it is being used for. It has become paramount that businesses take the extra steps in ensuring a secure and privacy compliant way of handling such personal data. As pressure heaps on businesses and brands to adopt this data privacy centered culture, why is it vital for brands to use compliance to their advantage, and not see it as a burden?
gdpr_compliance_benefit_for_brands

Read More

What are Some Key Differences Between Consent & Legitimate Interest?

Jan 9, 2020 2:11:47 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Processing, Data Protection Officer, GDPR Controller, GDPR Processor, Data Controlling, GDPR Reputation, Data Consent, Consent, Marketing under GDPR, GDPR for Marketers, gdpr, DPIA

Legitimate interest and consent are two of the six lawful bases that data processors can choose from when gathering and processing data subject personal data. Both of the mentioned lawful bases are the most commonly used reasoning among organisations for their data gathering. But what are some of the key differences between the two? 

differences_consent_legitimate_interest_lawful_basis

Read More

GDPR for SMEs: Benefit or Burden?

Nov 29, 2019 9:12:25 AM / by PrivacyPerfect posted in EU, Data Privacy, Data Protection, Small business GDPR, Data Protection Officer, Data Consent, Marketing under GDPR, gdpr 2019

When the EU fully enforced the GDPR back in May of 2018, there were many speculations and doubts on the consequences, and whether or not SMEs will need to adhere to the full extent of the regulations or not. A common misconception that followed was that the GDPR was seen as a data privacy law that would only be looking into the data protection practices of big multinational enterprises. After over  a year since it’s enforcement now, we are able to see the first results on the extent of how the GDPR can apply to each type of business, and what best practices businesses can turn to in order to stay aligned to the obligations. In this blog post, we look into the important points SMEs should know in regards to the GDPR and how the regulation can be turned into a benefit, rather than a burden.

Read More

Facial Recognition & GDPR: The Good, The Bad, and the Problematic

Nov 21, 2019 2:23:42 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, Compliance, Data Processing, Personal Data, Data Consent, Consent, Facial Recognition, gdpr, DPIA, gdpr 2019, DPA, Britain

Earlier this week, France announced that it will be the first country within the EU to introduce the use of facial recognition for government services. A decision that has raised a few eyebrows in terms of people’s privacy and the connotation it may imply in regards to the GDPR. Didier Baichere, a lawmaker with French president Emmanuel Macron ́s party, insisted that the general public shouldn't be worried. But, should they? What sort of implications can facial recognition technology make and just how protected are the public’s sensitive data? Let’s take a look.

Read More

Data Transfers: In & Out of the EU

Nov 1, 2019 10:22:06 AM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, DPO, Data Protection Officer, Data Transfer, International Data Transfer, Reputation under GDPR, GDPR For Tech Companies, GDPR for Marketers, GDPR Summary, gdpr 2019

International data transfers play a vital role for data driven businesses and organisations. As processes have become but a few clicks away and the digital world continues advancing, organisations must take the appropriate measures to ensure protection over their data and the data subjects. The EU’s GDPR aims to protect personal data, and provides strict obligations and standards that every organisation should take when dealing with international data transfers. Below are key points for organisations to consider upon doing international data transfers from and to the EU.

Read More

    Lists by Topic

    see all
    harmas_Rajztábla 1-1
    Keep informed!
    Sign up to the Weekly GDPR Digest now.