With the 30 June deadline approaching, the EU has agreed an adequacy decision for the UK, allowing the free flow of personal data from the EU to the UK to continue.
Data protection and privacy are matters of professional concern to accountants in practice, industry or commerce.
This resource centre provides a focal point for ICAEW members looking for support in managing cyber risks.
ICAEW Data Analytics Certificate programme will help you combine your commercial acumen and business knowledge with data analytics expertise.
FAQs, helpsheets and guidance
Updated guidance from the ICO
This guide summarises the general erasure obligations set out in GDPR, the exceptions available under GDPR and the DPA 2018 and provides practical interpretation of these in relation to various example service offerings that may be provided by ICAEW members.
The Data Protection Act 2018 (DPA 2018) came into force on 25 May 2018 to replace the Data Protection Act 1998. It sits alongside the General Data Protection Regulation (GDPR). This guide is part of a series that explain some of the new or more difficult concepts introduced by the DPA 2018 and the GDPR.
Articles and features
Dr Sam De Silva, Partner and Global Co Head of the Commercial Practice Group at international law firm, CMS Cameron McKenna Nabarro Olswang LLP (CMS) and member of the ICAEW Tech Board, shares his thoughts on the legal and regulatory issues you should consider when using generative AI in your organisation.
In the current business landscape, accountants face numerous challenges in providing their services efficiently and effectively. One important aspect often overlooked is the need for comprehensive office insurance. Marsh Commercial explain how office insurance offers protection against a range of risks and potential liabilities that can threaten the stability and reputation of your business.
The article focuses on the legal challenges surrounding generative artificial intelligence (AI) and its implications for copyright laws, data protection, and the control of personal data. It also discusses the concerns related to the use of copyrighted data for training AI models and the potential impact on cultural industries.
As the Information Commissioner’s Office urges accountants to help SME clients navigate data protection legislation, Matthew Wilkinson-Foster explains the opportunities and risks this presents.
Webinars and recordings
View the recording and accompanying factsheet from our DSAR webinar which took place on 25 May 2022 - a collaboration between ICAEW and Haddletons.
Are you doing enough to manage the risk of cyber-crime and data breach in your business? Marsh Commercial will focus on the risk of cyber specifically to small practitioners, and may highlight the gaps in your cover that are leaving your business exposed.
Demystifying data. Before organisations can gain any value from data it is critical to have a clear data strategy that ties into an organisation's overall strategy.
The GDPR came into force in the UK on May 25 2018. Many organisations put a lot of effort into preparing for that day.
Disclaimer: The opinions expressed by external guest speakers in interviews or other publications included on this website are, by their nature, those of the speaker. They are not necessarily fully endorsed by the ICAEW or purport to reflect the official policies and views of the ICAEW or its members.
Legal Alert is a monthly checklist from Atom Content Marketing highlighting new and pending laws, regulations, codes of practice and rulings that could have an impact on your business. Find out more about Atom Content Marketing
A monthly checklist from Atom Content Marketing highlighting new and pending laws, regulations, codes of practice and rulings that could have an impact on your business.
Businesses, particularly employers, will welcome new guidance from the UK Information Commissioner’s Office (ICO) on dealing with Data Subject Access Requests by workers.
Organisations providing online services that children are likely to access will welcome new draft guidance from the Information Commissioner’s Office (ICO).
Disclaimer: These publications from Atom Content Marketing are for general guidance only, for businesses in the United Kingdom governed by the laws of England. Atom Content Marketing, expert contributors and ICAEW (as distributor) disclaim all liability for any errors or omissions.
The Library & Information Service provides a hand-picked collection of eBooks as a benefit of membership. If you are unable to access an eBook, please see our Help and support or contact firstname.lastname@example.org
This section looks at the definitions in the Act, the rights conferred on data subjects and the data protection principles.
This chapter of the handbook looks at what personnel records an organisation should keep, data protection (please note this section has not been updated to reflect the Data Protection Act 2018 /GPPR) and the monitoring of e-mail and telephone calls. A sample e-mail and internet policy is supplied.
This handbook offers advice on the practical implementation of GDPR and analyses its impact. The guide examines the scope of GDPR, the organisational and material requirements for data protection, the rights of data subjects, the role of the Supervisory Authorities, enforcement and fines under the GDPR, and differences between EU jurisdictions.
The Library & Information Service provides a hand-picked collection of industry press articles as a benefit of membership. If you are unable to access an article, please see our Help and support or contact email@example.com
The article focuses on data classification as a pre-requisite for data protection, security, and compliance, and it explores the tools available for data classification, including offerings from major tech companies as well as open-source options. It mentions these tools use machine learning and artificial intelligence to automate data classification, ensuring accurate data management and governance.
The article focuses on criticism directed towards Information Commissioner's Office (ICO) for its limited enforcement action against Thames Valley Police (TVP) and the Ministry of Justice (MoJ) regarding serious data protection failures that jeopardized the safety of witnesses and prisoners.
Article discusses how Ai-driven decisions have led to discrimination against women and minorities in recruitment, criminal sentencing, medical diagnosis and credit approval and led to thousand of fines under GDPR. An overview of a robust ethical review is given and the 'Five Ps of ethical data handling'
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR) and replaces the Data Protection Act 1998.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Guide from the ICO explaining the provisions of the UK GDPR and what organisations need to do to comply with its requirements. Includes ‘In brief’ summaries and checklists as well as more detailed content in key areas.
ICAEW accepts no responsibility for the content on any site to which a hypertext link from this site exists. The links are provided ‘as is’ with no warranty, express or implied, for the information provided within them. Please see the full copyright and disclaimer notice.