Category Archives: Data Protection

The Data Protection Act puts organisations under a legal obligation to:
1) use personal information fairly and legally;
2) collect only the information necessary for a specific purpose(s);
3) ensure it is relevant, accurate and up to date;
4) only hold as much as you need, and only for as long as you need it;
5) allow the subject of the information to see it on request; and
6) keep it secure.

The new GDPR come into effect on 25th May 2018 as well.

European Commission GDPR guidance

The European Commission has published guidance on the EU data protection rules under the General Data Protection Regulation (GDPR). The guidance outlines what the European Commission, national data protection authorities and national administrations still need to do to bring preparations … Continue reading

Posted in Crab Insight, Data Protection, Information Risks, Reputation Matters | Tagged ,

Free GDPR guide for charities. 

The Charity Finance Group (CFG) has launched a new free guide for charities on the General Data Protection Regulation ((EU) 2016/679) (GDPR) . The guide aims to help charity trustees, staff and volunteers understand the practical impact that the GDPR … Continue reading

Posted in Data Protection, Information Risks, Reputation Matters | Tagged , , ,

Data Protection Prosecution

The High Court said that Wm Morrisons Supermarkets PLC, was vicariously liable for the deliberate and criminal disclosure by a rogue employee of personal data belonging to co-workers. (Various claimants v Wm Morrisons Supermarket PLC [2017] EWHC3113 (QB))

Posted in Data Protection, Information Risks, Protecting Reputation | Tagged , , ,

BBC News: UK regulator has ‘huge concerns’ over Uber breach

The UK regulator, the ICO, has ‘huge concerns’ over Uber breach – http://www.bbc.co.uk/news/technology-42079937

Posted in Data Protection, Information Risks, Reputation Matters | Tagged , ,

How long does personal data have to be stored under the data protection law?

The short answer is no longer than necessary. Personal data will need to be retained for longer in some cases than in others. How long you retain different categories of personal data should be based on individual business needs. A … Continue reading

Posted in Crab Insight, Data Protection, Information Risks, What we are being asked about | Tagged , ,

The Data Protection Bill

The UK’s third generation of data protection law has entered Parliament. The Data Protection Bill was published on 14 September 2017 and aims to modernise data protection laws to ensure they are effective in the years to come.  The Information … Continue reading

Posted in Crab Alert, Crimson Crab, Data Protection, Information Risks | Tagged , ,

Notification under the Data Protection law

When the General Data Protection Regulations (GDPR) come into effect next year there will no longer be a requirement to notify the Information Commissioner’s Office (ICO) as there is now. There is a provision in the Digital Economy Act which … Continue reading

Posted in Crab Alert, Crimson Crab, Data Protection, Information Risks | Tagged , ,

What is personal data?

For the purposes of the Data Protection Act the quick definition is data which identifies a living individual. The Information Commissioners Office has put together a quick reference guide to help. Please click here to access the guide which will … Continue reading

Posted in Crimson Crab, Data Protection, Information Risks, What we are being asked about | Tagged ,

Can I buy a mailing list to send out marketing material?

There are plenty of databases out there but whether they can be used to send marketing material will depend on the basis on which the personal information concerned was collected. The general rule is that unsolicited marketing can be sent to individuals … Continue reading

Posted in Data Protection, Information Risks

Identity theft at epidemic levels, warns Cifas

Identity theft at epidemic levels, warns Cifas – Read more on the BBC website

Posted in Data Protection, Information Risks | Tagged ,