Data Privacy & Cybersecurity

 

Data Privacy & Cybersecurity

CYBERSECURITY SERIES: RECEIVING A BREACH NOTIFICATION FROM A SUPPLIER - COMMUNICATING WITH CUSTOMERS

Even if you determine that you don’t have to tell your customers about a data breach, you may still wish to do so for practical/relational/reputational reasons. Under the various laws mentioned above, regulators can in some circumstances compel...

CYBERSECURITY SERIES: RECEIVING A BREACH NOTIFICATION FROM A SUPPLIER - COMPLYING WITH NOTIFICATION OBLIGATIONS

So you’ve received a breach notification from a supplier and have limited information about what’s happened,. You have limited time to determine whether you need to notify regulators / affected organisations and individuals and make those...

Cybersecurity Series: Receiving a breach notification from a supplier - Obtaining information

Having a cyber breach is most organisations’ worst nightmare. It’s considered the number 1 risk in the US, with UK businesses typically listing it in their top two. What’s becoming more apparent is the level of control our suppliers...

Data security breach at Butlin's

Butlin’s has admitted to a data breach that has resulted in the possibility of some 34,000 booking reference numbers, guest names, holiday dates, postal addresses, email addresses and telephone numbers having been accessed inappropriately. Managing...

Updating the ICO's Code of Practice on Data Sharing

The 2011 Information Commissioner’s Office Code of Practice on Data Sharing is to be updated following the introduction in 2018 of the new GDPR rules. As part of the initial process the Information Commissioner wishes to hear opinion from trade...

Privacy shield under pressure

Privacy Shield, the mechanism governing trans-Atlantic data flow essential to many companies, is being challenged by EU lawyers who have backed MEP’s calls for its suspension. The Council of Bars and Law Societies of Europe (CCBE), which represents...

What GDPR requires following a data breach?

The GDPR has introduced a mandatory breach notification procedure for organisations that suffer certain security breaches that leads to the accidental or unlawful destruction (or loss or disclosure) of personal data. Here are the headline facts. One of...

GDPR - is everyone struggling with breach notification?

The GDPR has introduced a mandatory breach notification procedure for organisations that suffer certain security breaches that leads to the accidental or unlawful destruction (or loss or disclosure) of personal data. We discussed the headline facts in a...

Does GDPR work for Blockchain and Distributed Ledger Technologies?

The business world has talked of little else but GDPR over the last few months. In the technology sector, however - and in particular those involved in blockchain technology -  some legal commentators believe there are “irreconcilable”...

Company Directors could be held personally liable and fined for PECR breaches

In all of the GDPR talk over the last month you can be forgiven for forgetting that the Privacy and Electronic Communication Regulations 2003 (PECR) also require consideration. As we explained in an earlier article , there are two pieces of legislation...
  • Page 1 of 3