Now more than ever, organisations understand the importance of information security and data governance. The GDPR (General Data Protection Regulation) and similar laws have imposed strict rules on the ways organisations must protect the information they process. Anyone who fails to...
Organisations in the UK are being urged to bolster their data protection measures as the Russian invasion of Ukraine continues. The incursion has been accompanied by a flurry of cyber attacks from hackers on both sides of the conflict. Russia has...
Your relationship with third parties comes with countless risks: they can breach the terms of your contract, suffer a data breach or incur business disruptions affecting your supply chain. These occur a lot more often than you might think. A 2021 Ponemon...
It is one of the most common ways organisations breach personal data. A newsletter or other email to multiple recipients is sent with the email addresses of all the other recipients visible. A quick Internet search can allow specific individuals to...
The Labour Party is working with the ICO (Information Commissioner’s Office) and NCSC (National Cyber Security Centre) to manage a data breach within one of its suppliers, Blackbaud. The breach involved the theft of information pertaining to Labour members and supporters....
Under the GDPR (General Data Protection Regulation), organisations and their suppliers can be held accountable in the event of a data breach. This is why it’s essential for data controllers to review the information security practices of data processors before agreeing...
Data quality management can be complex, especially if you don’t know the extent of the data you hold or fully understand all of its applications. Proper data governance is essential to your organisation’s ongoing success: as the quality, relevance and accuracy of data...
Organisations of all sizes rely on data protection policies and procedures to ensure that they process information effectively and in line with their regulatory requirements. But creating this documentation is often harder than it looks, with a lack of resources and...
The Guardian recently dropped the first stories of an investigation it has been conducting alongside other organisations into a form of spyware produced by the NSO Group. When a story like this appears, GRCI Law’s clients often ask us to provide...
Organisations that conduct international data transfers have had a frustrating few months. First, the European Court of Justice invalidated the EU–US Privacy Shield, then the UK left the EU without a clear legal basis for transferring personal data. If you’re confused...
