Businesses that have been hacked and had data stolen have access to remedies that can severely discourage and undermine hackers who threaten to publish it online, provided the businesses act quickly, a recent case makes clear.
Owners of intellectual property (IP) rights such as trade marks are likely to find it harder to obtain details of UK domain name owners allegedly infringing their IP rights from May, because of the General Data Protection Regulation (GDPR).
Employers should identify who will need a Data Privacy Notice (DPN), determine what should be in them, and revisit their processes and procedures and staff training, to ensure the right individuals receive a DPN at the right time, in readiness for the General Data Protection Regulation (GDPR).
GDPR compliance: the devil is in the detail
The article reports that, now that the General Data Protection Regulation is in force, companies are advised to look behind the headline aspects to things they may have overlooked. A major part of the GDPR is that firms need to ensure reasonable care and attention is taken to safeguard information.
Your data, safe at last?
The GDPR email deluge is almost over: will the new EU rules on managing our information live up to their promise?
AI is key to IBM's compliance with GDPR
The article offers information about the important role of artificial intelligence in keeping IBM compliant with the General Data Protection Regulation (GDPR) as well as in offering opportunities for businesses. The company’s data protection officer Cristina Cabella discusses the biggest GDPR readiness programmes of the firm.
Legislation and regulations
Data Protection Act 2018
The new Data Protection Act 2018 comes into force on 25 May 2018. It replaces the Data Protection Act 1998. The Information Commissioner's Office (ICO) has provided guidance for organisations on the new act.
Reform of EU data protection rules
Summary of the changes to data protection law in the EU. The new regulation entered into force on 24 May 2016 and applies from 25 May 2018. The site includes factsheets on data protection reform.
This is not an exhaustive list of legislation on data protection. The ICAEW Library holds numerous print publications on data protection law and also subscribes to electronic databases with the complete text of UK legislation. For information on accessing these resources, please contact the Library.
Information Commissioner's Office (ICO)
Guide to the General Data Protection Regulation (GDPR)
Detailed guidance for UK organisations, covering:
- key definitions
- lawful basis for processing
- individual rights
Guide to the General Data Protection Regulation (GDPR)
Guide from the ICO explaining the provisions of the GDPR and what organisations need to do to comply with its requirements. Includes ‘In brief’ summaries and checklists as well as more detailed content in key areas.
What’s new under the GDPR?
More detailed guidance from the ICO for UK organisations on legitimate interests under GDPR
A series of blog posts from the ICO aiming to bust some of the myths that have developed around General Data Protection Regulation compliance. Topics covered include data breach reporting, new fining powers and the issue of consent.
Code of practice on use of CCTV by employers with special reference to CCTV in pubs.
Information on how to apply the Privacy and Electronic Communications Regulations, with practical examples and frequently asked questions.
A range of guides and information aimed at SMEs.
Protection of personal data
Comprehensive guide to data protection issues within the EU. Topics include:
- obligations of data controllers
- handling complaints
- protecting personal data
- data protection bodies
Article 29 Working Party Guidelines
EU level guidance on the General Data Protection Regulation. Produced by the Article 29 Working Party, an independent European advisory body on data protection.
Data protection and your business
Guide from GOV.UK covering issues relevant to organisations, including:
- managing staff records
- monitoring staff at work
- using CCTV
Being monitored at work: workers' rights
Guide from GOV.UK for employees monitored through CCTV, bag searches, email checking and other methods.
Data protection guidance
Guidance from the Ministry of Justice on the application of the Data Protection Act 1998, including:
- Undertaking privacy impact assessments: The Data Protection Act 1998
- How data protection affects my business or organisation
- Jargon buster for data sharing and protection
The state of cyber resilience: EY's global information security survey 2016
Latest edition of EY's annual survey report looking at how organisations are addressing current threats and how businesses can proactively prepare for potential new risks.
Data protection and freedom of information standards
Overview from the British Standards Institution with links to related information, news and publications.
US Department of Commerce Safe Harbor Portal
Comprehensive website supporting the Safe Harbor privacy framework in the US, including an overview, documentation, workbook, a certification form and a safe harbor search service (searchable by state or industry sector).
Atom Content Marketing guides
- Direct mail and email marketing
Direct mail and email can be very effective ways of marketing your business, allowing you to reach large numbers of customers at low cost. Email offers immediacy and low cost, while well-designed direct mail can really stand out.
- Filing and records management
Business information can be an important contributor to your competitive advantage. Good filing and record-keeping systems make sure you have what you need, and avoid wasting time and effort looking for misfiled information and misplaced files.
- GDPR - your data protection responsibilities
GDPR, the new General Data Protection Regulation, came into effect on 25 May 2018.
- Internet and email law
The internet is not an unregulated free-for-all: the law still applies, and you need to understand the implications for your business.
- Marketing with your database
Databases make customer information easy to handle, helping to improve service and strengthen relationships.
- Your firm and data protection
All businesses that keep any information on living and identifiable people must comply with the Data Protection Act. The Act applies to any computerised or manual records containing personal information about people.