Data protection authorities around the world have started to do a data protection audit (or GDPR audit) on controllers to check that they comply with data protection law. Essentially, the authority compares your organisation to a data protection law [...]
In everyday language, a ‘one-stop shop’ is a business offering multiple services and the only place you need to fulfil your needs. A ‘one-stop shop’ means something else from a data protection perspective in the context of the GDPR, although [...]
This week, the UK Information Commissioner's Office (ICO) issued two intentions to fine organisations for breaches of the GDPR. It has not issued these GDPR fines yet, and both organisations still have an opportunity to respond to the intention with [...]
Now there is a good question. Many people ask us how much does data protection compliance (or more specifically GDPR compliance or POPIA compliance) cost. I'm afraid there is no simple answer but I can give you some guidance to [...]
For many, being GDPR certified or obtaining GDPR certification is the holy grail. It provides proof that you comply with the GDPR and other data protection laws. This is especially true for processors that process personal data for controllers. [...]
Who must appoint a DPO? What does the General Data Protection Regulation (GDPR) require regarding a Data Protection Officer (or DPO)? This is one of the questions the GDPR, which the European Parliament recently adopted, has made many organisations ask. Another one of [...]
For many, a data protection standard is the holy grail in assisting them to comply with data protection laws. Data protection standards often provide very practical actionable controls (almost a checklist) that they can implement in order to protect data and therefore comply [...]
When a data subject's right to privacy is infringed or someone fails to protect their personal data, and they suffer damages as a result. Who is liable for those damages? Who should the data subject be taking legal action against? Is [...]
The deadline to comply with the General Data Protection Regulation (GDPR) was 25 May 2018. The date has come and gone. People all over the world are rushing to comply and are working hard to implement the required controls. The big [...]
They say hindsight is 20/20. And usually it's not helpful to hear that. But for once we can really apply what we've learnt. By helping organisations meet the GDPR compliance deadline, we've identified the key stumbling blocks to avoid as [...]
