Category: Regulations

Vulnerability Assessment

Context: To determine whether the appropriate technical security measures have been implemented, the risks associated with processing need to be taken into account.

Organisational Measures

Context: In some cases the GDPR refers to explicit organisational measures that need to be implemented, such as data protection policies and human intervention. In

Right of Access

Context: A fundamental, underpinning concept for the GDPR (outlined in Article 15) is that personal data is the property of the individual. This ownership is

Joint Controllers

Context: The GDPR recognises that there will be situations where there are 2 or more ‘joint’ controllers. All controllers have a responsibility to ensure that

Data Portability

Context: A core principle behind the GDPR is that personal information is the property of the data subject. This principle is embodied in two key

Data Breach

Context: The GDPR acknowledges that data breaches can and do occur. It seeks to have processes and controls put in place to minimise the possibility

International Transfers

Context: Personal data can be exposed to additional risk when that data is transferred outside the country of origin. The EU also makes the assumption