ICO Blog: The 12 ways that Christmas shoppers can keep children and data safe when buying smart toys and devices

In an increasingly digital world, more and more toys and devices aimed at children now have internet-connected technology. As the Christmas shopping season begins, many parents will be considering buying them for their children. The ICO supports innovation and creative uses of personal data, but this cannot be at the expense of people’s privacy and […]

GDPR: What can you prove?

Within the immense framework that is GDPR, there is one clause that invokes a topic in the security community that is particularly interesting, though not very much fun: audit logging. When you read Article 30 that covers “Records of Processing” you see that data processors and controllers need to be able to show how and […]

Does your privacy policy measure up?

Today’s housing associations provide a vital service to citizens, whether via small independent charities or multi-disciplinary groups; and when it comes to the collection and storage of extremely sensitive data, housing associations often hold vast amounts of records about both their clients and the communities they support. As well as general contact, tenancy and financial […]

GDPR Subject Access Requests

Handling subject access requests (“SAR”) effectively and within the legal timeframe remains a challenge for many employers especially where SARs are becoming increasingly onerous. The amount of information held about employees and former employees (whether in a personnel file, internal memorandums, meeting notes or simply email correspondence) can be vast. Understanding from the outset how […]