DQM GRC’s Senior GDPR Consultant, Louise Brooks, will be speaking at #RISK 2022 on 17 November at ExCel London on the topic of ‘Managing Data Breach Disclosure and Reporting Requirements’. 14/11/2022 https://www.www.dqmgrc.com/news/dqmgrc-risk-2022 Data protection and privacy consultancy, DQM GRC, has won the “Best data ethics and privacy initiative” at the 2020 DataIQ awards for its Privacy by Design training programme with WarnerMedia. 15/10/2020 https://www.www.dqmgrc.com/news/dqm-grc-wins-best-data-ethics-and-privacy-initiati Following the Schrems II ruling by the European Court of Justice in July 2020, any organisation transferring data from the EU to the US needs to take steps to ensure they remain compliant with the GDPR. 28/07/2020 https://www.www.dqmgrc.com/eu-us-gdpr-data-transfer-assessment-and-action-plan COVID-19 Cyber Risk and Data Privacy Response Service with IT Governance & GRCI Law 03/04/2020 https://www.www.dqmgrc.com/news/securing-your-remote-working-processes-during-the-covid-19-pandemic Cookies are a valuable tool that can give your organisation a great deal of insight into your users’ online activities. The regulations governing cookies are currently split between the General Data Protection Regulation (GDPR), the Privacy and Electronic Communications Regulation (PECR), and the ePrivacy Directive, with the incoming ePrivacy Regulation set to be finalised later this year. 09/03/2020 https://www.www.dqmgrc.com/news/cookies-and-the-ico-gdpr-pecr-and-eprivacy-regulation We’re now 18 months into the brave new world of GDPR. Like many data protection professionals, I found the new legislation acted as a magic word with executives. It helped open up the resources to review information management practices that had not been looked at in many years, if ever. 22/11/2019 https://www.www.dqmgrc.com/news/how-to-keep-the-board-involved-in-data-protection If you feel your organisation’s interest in all things GDPR has waned a little over the past 18 months, or you’d like to read about how other companies are reengaging their colleagues’ interest in data protection - then this article is for you. 15/11/2019 https://www.www.dqmgrc.com/news/transforming-data-protection-by-design-and-default In June 2019 Kendra Kerry produced an article on steps that can be used to encourage actors to take responsible actions. They can also be applied very effectively to data controllers, and demonstrate the role that consultants and data protection professionals have on encouraging behaviour change. 15/11/2019 https://www.www.dqmgrc.com/news/overcoming-the-diffusion-of-responsibility-for-gdpr Under the GDPR, organisations can only process data when it is lawful to do so. This means you must firstly identify the most appropriate of the six lawful bases, and then comply with the requirements attached to your chosen one. 04/11/2019 https://www.www.dqmgrc.com/news/processing-personal-data-on-the-basis-of-contractual-necessity For most of us, the mere mention of the GDPR stirs memories of those hazy few weeks in early summer 2018 - where corporate panic and media scaremongering filled inboxes far and wide with permission-seeking emails and hastily updated privacy policies. 14/08/2019 https://www.www.dqmgrc.com/news/the-principles-of-the-data-protection-act-2018-a-g