
THE PRIVACYPERFECT BLOG

DSRs: practical challenges and guidance for process optimisation

May 29, 2020 9:33:29 AM / by PrivacyPerfect posted in Data Protection, GDPR Software, Data Protection Officer, Data Controlling, GDPR Compliance Program, DSAR

While Data Subject Requests (DSRs) are not a new concept, the enforcement of the GDPR in May 2018 introduced further guidelines. With obligations becoming stricter and wider, as the EU privacy regulation laid out several additional requirements and exemptions, organisations often seem to face challenges in handling DSRs, primarily due to the complexity and time-consuming nature of the process. In this blog post, our privacy experts discuss the typical challenges organisations may face in addressing a request under each right, and provide guidance in finding solutions to these challenges.


Healthcare institutions and GDPR compliance in a digital world

May 7, 2020 2:33:10 PM / by PrivacyPerfect posted in EU, Data Privacy, Data Protection, Data Security, DPO, Data Protection Officer, GDPR Controller, gdpr2020, healthdata, healthcare

Digital transformation has been the focus of many organisations in the last couple of years, including those in the healthcare sector. This shift brings new considerations for all areas, a major one being data protection. In the healthcare sector, where a huge amount of sensitive personal data is processed on a daily basis, protecting this data has to be a top priority, with strict procedures, access controls, and guidelines on privacy. As such, compliance with the GDPR within digitized care and cure organisations is crucial. Let’s take a look at how you can ensure compliance for your healthcare organisation without disrupting the efficiency of your work.


Why internal data breaches happen and how to reduce the risk of one

Apr 9, 2020 9:46:32 AM / by PrivacyPerfect posted in EU, Data Protection, Data Breach, Data Security, Personal Data, gdpr2020

While the news media today often reports on security incidents and data breaches caused by external threats such as cyberattacks, internal data breaches can pose just as big a risk for organisations. As it’s common practice for several internal stakeholders to hold access to various personal data handled by their organisation, the risk of a potential internal incident is quite high. So, how can you reduce the risks?


GDPR Easy Read: Are CISOs facing even more challenges?

Mar 31, 2020 3:13:51 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, ciso, GDPR Easy Read

As a Chief Information Security Officer, you hold a vital role in protecting your organisation's most valuable data as well as its reputation. With experts suggesting that the number of cyberattacks and data breaches will increase in the coming years, your role as a CISO could prove even more decisive. Recent reports have suggested that, under the ever-growing pressure CISOs face, many are bridging cybersecurity and data privacy.

This includes keeping up with the EU's GDPR and the numerous obligations it sets out. As you continue to establish your organisation's visions, strategies and programs to ensure information assets are properly protected, how are you bridging data privacy compliance with cybersecurity?


All you need to know about Data Processing Agreements

Mar 19, 2020 4:04:37 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Protection, DPO, Data Protection Officer, GDPR Controller, GDPR Processor, GDPR Reputation, gdpr, DPA, gdpr2020

One way or another, almost all organisations rely on third parties for processing personal data in today’s digital world, creating a direct need for data processing agreements (DPAs). Even the tools that are considered basic necessities in business, such as email clients, CMSs, data storage servers, or website analytics, all process personal data on behalf of organisations. With the introduction of the GDPR, there are strict requirements and guidelines on how this can be done in a compliant manner, through signed DPAs between the organisation (the data controller) and any party that acts as a data processor on its behalf. But what are DPAs, are they really necessary for you, what do they look like, and who needs to be involved from within your organisation?


How has the GDPR strengthened email marketing?

Feb 7, 2020 10:49:09 AM / by PrivacyPerfect posted in GDPR Compliance, Data Privacy, Data Protection, Compliance, Data Consent, Marketing, Marketing under GDPR, gdpr2020

Back in the adaptation period of the GDPR between 2016 and May 2018, many businesses were concerned that the new EU privacy regulation might weaken their marketing efforts, especially in the field of email marketing. As the GDPR puts several restrictions on why and how personal data can be collected and processed, previously popular marketing techniques, such as building a database of prospects for years on end and purchasing prospect lists, had to be changed and adjusted for compliance. These types of databases were most typically used for the email marketing efforts of organisations, so many believed that this aspect of business marketing might actually suffer from the new regulation. More than a year after the enforcement of the GDPR, though, businesses reported several benefits of the GDPR in regard to marketing, gained by adopting a compliant email marketing strategy. So, what steps can your organisation take to enjoy these benefits while strengthening your compliance?


Data Breaches: The Business Risk of the Decade

Jan 23, 2020 4:00:00 PM / by The Trust Bridge posted in EU, Data Privacy, Data Protection, GDPR Fines, Data Breach, gdpr, gdpr2020

Working across the information space in the private, not-for-profit and public sectors, The Trust Bridge Senior Consultant, Carol Tullo, has seen the ecosystem of data policy expand and collide with the world of information rights. Carol states that “So many of us operating in this field have balanced the advantages of the open flow of data with the tensions in the safety and compliance safeguards that we expect, be it as individuals, family units or businesses.” The access, storage and tracking of personal data have changed our worlds. Protecting our data and our individual profiles is what data protection is all about. This is not new.


GDPR Compliance is Becoming a Key Point for Brands

Jan 16, 2020 4:10:42 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, Compliance, GDPR for SMEs, Reputation, Reputation under GDPR, GDPR For Tech Companies, Marketing, Marketing under GDPR, gdpr 2019

Reports have indicated that people have become increasingly critical about how their data is stored and what it is being used for. It has become paramount that businesses take extra steps to ensure a secure and privacy-compliant way of handling such personal data. As pressure mounts on businesses and brands to adopt this data-privacy-centered culture, why is it vital for brands to use compliance to their advantage, and not see it as a burden?

GDPR for SMEs: Benefit or Burden?

Nov 29, 2019 9:12:25 AM / by PrivacyPerfect posted in EU, Data Privacy, Data Protection, Small business GDPR, Data Protection Officer, Data Consent, Marketing under GDPR, gdpr 2019

When the EU fully enforced the GDPR back in May of 2018, there was much speculation and doubt about the consequences, and about whether SMEs would need to adhere to the full extent of the regulation. A common misconception that followed was that the GDPR was a data privacy law that would only look into the data protection practices of big multinational enterprises. More than a year after its enforcement, we are able to see the first results on how far the GDPR applies to each type of business, and what best practices businesses can turn to in order to stay aligned with the obligations. In this blog post, we look into the important points SMEs should know in regard to the GDPR and how the regulation can be turned into a benefit, rather than a burden.


Facial Recognition & GDPR: The Good, The Bad, and the Problematic

Nov 21, 2019 2:23:42 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, Compliance, Data Processing, Personal Data, Data Consent, Consent, Facial Recognition, gdpr, DPIA, gdpr 2019, DPA, Britain

Earlier this week, France announced that it will be the first country within the EU to introduce the use of facial recognition for government services, a decision that has raised a few eyebrows in terms of people’s privacy and what it may imply with regard to the GDPR. Didier Baichere, a lawmaker with French president Emmanuel Macron’s party, insisted that the general public shouldn't be worried. But should they? What sort of implications can facial recognition technology have, and just how protected is the public’s sensitive data? Let’s take a look.
