Last year, British Airways suffered a data breach that resulted to the details of hundreds of thousands of its online user’s details being stolen, including email details and credit card details including the 3-digit security code from the back.
The GDPR came into force on the 25th May 2018. One year on we look back at the top questions we’ve been asked about GDPR, and review how it’s being implemented.
“People expect that their personal information will be treated with respect and privacy. Unfortunately, there are those who abuse their position of trust and the ICO will take action against them for breaking data protection laws.”
“People expect that their personal information will be treated with respect and privacy. Unfortunately, there are those who abuse their position of trust and the ICO will take action against them for breaking data protection laws.”
Facebook is fined £500,000 by the ICO for serious breaches of data protection laws after the Cambridge Analytica mass harvesting of user data. At least 1 million UK users, and 87 million users worldwide had their data harvested.
The ICO have released details of a Telford company who have been fined for a breach of the Data Protection Act in relation to the CCTV footage.
It’s been a month since the GDPR came into force and we’ve seen lots of great examples of organisations updating their processing policies to be more transparent with the information they process. However, we’ve also seen a few organisations that have ignored or poorly applied the GDPR and as such are in breach of the regulation and exposing themselves to reprimanding measures.
The General Data Protection Act will come into force across Europe on May 25th 2018. Any organisations that processes personally identifiable information will need to be compliant with the GDPR. Time is running out, but we can still help you get your documentation and processes ready to meet your GDPR requirements.
The ICO have opened consultation on their Regulatory Action Policy which sets out how the organisation will deal with the organisations it regulats under various legislation, including the General Data Protection Regulation (GDPR or the Data Protection Bill as it will be in the UK once we leave Europe), the Freedom of Information Act and the Privacy and Electronic Communications Regulations (PECR)
