Organisations have traditionally responded to regulatory compliance on a law-by-law or department-by-department basis. Whilst that may have been a perfectly adequate strategy a decade ago, today's increasingly complex regulatory environment is very different. A systematic and strategic approach to regulatory compliance is now as fundamental to long-term business success as is a co-ordinated approach to your business strategy. The following articles will give you an insight into data protection, the Freedom of Information Act, the monitoring of staff regarding internet and email usage, disability rights, commercial IT contracts and many other items, suggesting ways in which legal risks can be managed to enhance corporate reputation, improve business processes and ultimately give your customers greater confidence.
From ComputerWeekly.com: Information commissioner Elizabeth Denham has welcomed the UK government's confirmation that it will implement the EU's General Data Protection Regulation (GDPR) despite the outcome of the UK referendum. In a blog post, Denham wrote: 'I see this as good news for the UK. One of the key drivers ...
From SC Magazine: Companies are not adopting appropriate governance and security measures to protect sensitive data in the cloud, according to a Ponemon Institute report, The 2016 Global Cloud Data Security Study, commissioned by Gemalto. More than 3,400 IT and IT security practitioners were surveyed from the UK, US, Brazil, ...
From TechRepublic: Cyber attacks may cost businesses big bucks, but that doesn't mean that organisations are prepared for them. According to a report released Monday, 79% of IT and IT security professionals don't have the proper infrastructure to identify and defend against cyber attacks. The report, Security Beyond the Traditional ...
From V3.co.uk: The Information Commissioner's Office (ICO) has advised organisations to set up internal security breach reporting procedures, supported by comprehensive training, as part of preparations for the General Data Protection Directive (GDPR) due to come into effect in 2018. The recommendation is made in an ICO Breach notification advisory, ...
From ComputerWeekly.com: The European Commission (EC) has officially adopted the EU-US Privacy Shield framework to protect transatlantic personal data transfers to the US, but that may not be the end of the controversy. Andrus Ansip, EC vice president for the Digital Single Market, said the framework will protect the personal ...
From ComputerWeekly.com: Christopher Graham, the UK information commissioner for the past seven years, retired from his post on 28 June, with his successor Elizabeth Denham still in Canada. His deputy, Simon Entwistle, is currently holding the fort. The unusual handover followed a failure by the government to obtain the Queen's ...
From Computerworld UK: Spit five feet inside the IT department of a larger organisation right now and you'll hit someone with a reasonable claim to dislike the onerous EU General Data Protection Regulation (GDPR). Styled as the most significant piece of privacy law yet enacted, few would argue that most ...
From IT Pro: Over a third of IT workers have admitted to accessing corporate systems after they have left a company, potentially breaching the Computer Misuse Act. According to a survey carried out by Vanson Bourne on behalf of Protected Networks, 49% of those surveyed said they had retained access ...
From ComputerWeekly.com: Human error is the main cause of data breaches, according to statistics obtained from the UK's Information Commissioner's Office. Figures obtained by Egress Software Technologies via a Freedom of Information (FOI) request found that human error accounted for almost two-thirds (62%) of the incidents reported to the ICO ...
From Computing.co.uk: The European data protection supervisor (EDPS) Giovanni Buttarelli has raised concerns about the EU-US Privacy Shield data-sharing pact, claiming that it is not robust enough to stand up to proper legal scrutiny. This supports a resolution by the European Parliament last week in which MEPs voted 501 to ...
From ComputerWeekly.com: The European Union's new data protection regulation is complicated, but there are 10 key facts businesses need to know, says privacy lawyer and KuppingerCole analyst Karsten Kinast. 'The General Data Protection Regulation (GDPR) comes into force in less than two years' time, but it is not too late ...
From Computing.co.uk: The big four UK mobile phone companies are selling potentially sensitive data to third parties without seeking the explicit consent of their customers and failing to provide any obvious way of opting out. That's the contention of social entrepreneur and privacy campaigner Geoff Revill, who has studied the ...
From IT Pro: The EU's General Data Protection Regulation (GDPR) rules will become law from 25 May 2018, following the publication of the document's final draft. Companies now have 24 months to implement the guidelines outlined in the document, including who is accountable for security and how data flows between ...
From ComputerWeekly.com: European Union data protection rules will require the appointment of 28,000 data protection officers (DPOs) in the next two years in Europe alone, a study revealed. Even though the final version of the General Data Protection Regulation (GDPR) requires only public authorities and other entities engaged in profiling ...
From SC Magazine: Almost half (47%) of IT leaders in EU-based businesses are unaware of the geographical location of critical and personal data. A survey conducted by UKFast studied over 300 IT decision makers ranging from startups and medium-sized businesses. The survey comes as the Privacy Shield, a replacement for ...
From Computing.co.uk: The European Union e-Privacy Directive, the pan-European law that required website operators to put cookie warning pop-ups on their sites, is to be reviewed. In the review, the European Commission will consult with businesses, industry bodies and other 'stakeholders' over possible reforms to the law which has been ...
From Information Age: Two years after the EU's General Data Protection Regulation (GDPR) was first announced, 20% of IT decision makers in the UK are still unaware of its existence, according to research. The European Parliament formally adopted the GDPR last Thursday and when it comes into force in 2018 it ...
From V3.co.uk: Organisations hoping that the looming referendum on Europe will render the recently passed General Data Protection Regulation (GDPR) irrelevant are clinging to a false hope. The GDPR was four years in the making and was finally passed on Thursday by politicians in Europe, ushering in major new rules ...
From Computing.co.uk: Councils have been urged to review their information governance arrangements and prepare for the incoming General Data Protection Regulation (GDPR) now. The Society of Information Technology Management (Socitm) said that with both the new EU data protection regulations coming in and the new EU-US Privacy Shield arrangement replacing ...
From ComputerWeekly.com: Use of the cloud (compute and storage) tops IT departments' to-do lists, while storage and backup for virtualised environments is still a key priority, although declining. Meanwhile and somewhat surprisingly flash storage deployment appears to have plateaued. Those are the findings of the ComputerWeekly.com/TechTarget IT Priorities ...
From ComputerWeekly.com: Most IT leaders recognise the importance of data protection but more than a quarter of IT decision makers (ITDMs) at UK firms admit they could do more to protect corporate data. Almost 90% of CIOs/CISOs, 80% of ITDMs and 74% of knowledge workers said their ability to ...
From V3.co.uk: Cloud computing is seeing huge growth. No matter where you look the figures are big. Growth at Amazon Web Services (AWS) was reported as being almost 70% in 2015. Microsoft Azure may be growing even faster, although it is hard to compare like with like. Then we have ...
From Computing.co.uk: Organisations will need to put in place new internal record keeping and other controls around data when the EU General Data Protection Regulation (GDPR) is introduced, warns DLA Piper legal director JP Buckley. And the new data protection law will apply to even the smallest of businesses. That ...
From Computerworld.com: Businesses may take some comfort from the fact that a successor to the Safe Harbor agreement has finally been named but, at this point, they shouldn't get too comfortable. Since it was first announced last week, the EU-US Privacy Shield agreement governing trans-Atlantic data transfers has elicited considerable ...
From IT Pro: EU officials have finally agreed on the wording of the new General Data Protection Regulations (GDPR) following three years of negotiations and draft documents. Although the changes, which aim to set some kind of data protection consistency around the whole of Europe, haven't been formally agreed upon ...
From ComputerWeekly.com: Two-thirds of global companies will review their business strategies in European countries in light of the coming General Data Protection Regulation (GDPR), a survey has revealed. Underpinning this are costs and practicality, with 68% of respondents claiming the new regulation will dramatically increase costs of doing business in ...
From IT Pro: Britain leaving the EU could land firms with bills of up to £1.6 million moving data from European data centres. According to a survey of IT decision makers, conducted in September by Vanson Bourne, half of the firms said they are yet to start making contingency plans while only ...
From Computing.co.uk: Now that the Safe Harbour agreement is no more, many people and organisations will be wondering where that leaves them in their use of US-owned cloud-based services such as Google Docs, Salesforce, Office 365 and Netflix. What if their business is based on the cloud, or if their ...
From InformationWeek: There is more to data privacy than getting hacked. Data privacy is all about how a company gathers and protects data. Fortunately, there is more than one line of defence, according to a recent joint study done by the International Association of Privacy Professionals (IAPP) and Bloomberg BNA, ...
From Information Age: More than two-thirds (68%) of IT professionals say keeping up-to-date with changing data protection regulatory requirements is a financial burden on their business, new research has revealed. British businesses feel most strongly about this (77%), compared with 66% in France and 61% in Germany. This is according ...