News

DQM feedRSS 2.0

DQM GRC wins “Best data ethics and privacy initiative”

15/10/2020

Data protection and privacy consultancy, DQM GRC, has won the “Best data ethics and privacy initiative” at the 2020 DataIQ awards for its Privacy by Design training programme with WarnerMedia.

EU–US GDPR Data Transfer Assessment and Action Plan

28/07/2020

Following the Schrems II ruling by the European Court of Justice in July 2020, any organisation transferring data from the EU to the US needs to take steps to ensure they remain compliant with the GDPR.

Securing your remote working processes during the COVID-19 pandemic

03/04/2020

COVID-19 Cyber Risk and Data Privacy Response Service with IT Governance & GRCI Law

Cookies and the ICO, GDPR, PECR and ePrivacy Regulation: A Guide to Compliance

09/03/2020

Cookies are a valuable tool that can give your organisation a great deal of insight into your users’ online activities. The regulations governing cookies are currently split between the General Data Protection Regulation (GDPR), the Privacy and Electronic Communications Regulation (PECR), and the ePrivacy Directive, with the incoming ePrivacy Regulation set to be finalised later this year.

How to keep the Board involved in data protection

22/11/2019

We’re now 18 months into the brave new world of GDPR. Like many data protection professionals, I found the new legislation acted as a magic word with executives. It helped open up the resources to review information management practices that had not been looked at in many years, if ever.

Transforming Data Protection by Design and Default

15/11/2019

If you feel your organisation’s interest in all things GDPR has waned a little over the past 18 months, or you’d like to read about how other companies are reengaging their colleagues’ interest in data protection - then this article is for you.

Overcoming the diffusion of responsibility for GDPR

15/11/2019

In June 2019 Kendra Kerry produced an article on steps that can be used to encourage actors to take responsible actions. They can also be applied very effectively to data controllers, and demonstrate the role that consultants and data protection professionals have on encouraging behaviour change.

Processing personal data on the basis of ‘Contractual Necessity’

04/11/2019

Under the GDPR, organisations can only process data when it is lawful to do so. This means you must firstly identify the most appropriate of the six lawful bases, and then comply with the requirements attached to your chosen one.