As you know, governments make laws and the courts interpret and apply them. This is demonstrated by some significant decisions recently handed down which impact how data controllers (such as employers) respond to SARs (subject access requests). These decisions considered key Continue reading Key lessons from recent cases on subject access requests
On 9 June 2017 the ICO published their revised ICO Code of Practice on subject access requests (SARs), a request by an individual to see the personal data that an organisation holds about them. This revised Code is important because it Continue reading How to deal with Subject Access Requests: Top 5 Tips
At last, something interesting to read about in the Manifestos of the ‘Big Three’ (with apologies to SNP, UKIP , Plaid Cymru etc). The Lib Dems manifesto promises to “Roll back state surveillance powers by ending the indiscriminate bulk collection Continue reading Manifestos and Data Protection: what lies beneath?
In the beginning… In 2014 Facebook bought WhatsApp (for $19 billion!). Why? Because WhatsApp was well on its way to having 1 billion users – and Facebook wanted to have access to those. Fine, but what’s this got to do with Continue reading What’s up with WhatsApp (and Facebook)?
Introduction In August 2016 the Information Commissioner’s Office, (‘the ICO’) announced that it had fined Whitehead Private Nursing Home, (‘the nursing home’), £15,000 for breaking the law by not looking after the sensitive personal details in its care. The legal Continue reading Nursing home fined £15,000 for data security breach
A GP practice that revealed confidential details about a woman and her family to her estranged ex-partner has been fined £40,000. The practice gave out the information despite express warnings from the woman that staff should take particular care to protect Continue reading GP surgery fined £40,000 for failing to protect patient’s personal data
In June 2016 the National Data Guardian for Health and Care, Dame Fiona Caldicott, published her report ‘Review of Data Security, Consent and Opt-Outs’. This addresses the question of what more can be done to build trust in how the Continue reading Health & social care organisations, trust and data security
A recent parliamentary report, (Cyber Security: Protection of Personal Data Online) recommends several new measures that businesses should adopt to improve their cybersecurity including: A portion of CEO compensation should be linked to effective cybersecurity, in a way to be Continue reading MPs say CEO pay should be linked to effective cybersecurity
The government has decided to shut down its controversial care.data scheme after concerns were raised about the safeguards in place to protect individuals’ health care data and issues with patient transparency. The care.data scheme was plagued by delays since it Continue reading Government scraps NHS Patient Database Scheme
There are many uncertainties ahead and it will be some time before we start to have an appreciation of how precisely Brexit will impact on domestic laws relating to data protection. However, in the meantime, as the ICO has helpfully Continue reading Brexit & DP: Keep calm and carry on?