Data Breach

Data Breaches across Europe

Posted on

A Data Protection Commission 2018 survey reported that GDPR awareness amongst Irish SMEs is pleasingly high (90%). However, a 2018 MicroWarehouse survey of 100 CIOs and IT Managers found that large implementation gaps remain. Over 50% of Irish SMEs had yet to implement data protection measures, with 30% of respondents reporting that cyber security is […]

Compliance

CCTV and Data Privacy: What’s the story?

Posted on

A sensible and well-designed and CCTV system is a powerful tool for deterring criminals and tackling security issues. On the other hand, badly designed systems, cause legal and PR problems while generating a false sense of security. In our experience, privacy and security are not mutually exclusive. We find a pragmatic approach based on the […]

Audit

PECR: an Introduction

Posted on

Privacy and Electronic Communications Directive (PECR) refers to a set of European directives which have been issued and refined since 2002. These directives were written specifically to address the requirements of new digital technologies and ease the adoption of new and innovative electronic communications services. The Directives complement the Data Protection Directive and applies to […]

DPIA

The What, Which, When & Who of DPIAs

Posted on
DPIAs are how an organisation manages risk when start a new type of data processing

Data Protection Impact Assessments (DPIAs) are an often misunderstood element of GDPR compliance. Like so much of the GDPR there is little precision in the regulations, but a process must be followed and an artefact must be produced.  This DigiTorc article, one of a series of occasional articles, defines: What a DPIA must consist of? Which processing activities require a DPIA? […]

DPO

Who can be a DPO?

Posted on
GDPR exposes your organisation. Digitorc can help protect you.

GDPR lays out some parameters describing who can be a DPO. In brief the DPO should be trained in data protection law while the level of expertise required is situational. Like much of this principled based legislation, it is worth looking at the primary texts to understand the concepts. DPO’s background The main texts to […]

DPO

What does a DPO do?

Posted on
For us to be secure we need to privacy. The role of DPO is to ensure that EU GDPR regulations are fully implemented in organisations

The Data protection officers (DPO) is an unusual role, as it has some statutory functions and independence, yet still exists within an organisation’s line structure. GDPR did not introduce the concept of DPO. The practice of appointing a DPO has developed in several Member States over the years since Directive 95/46/EC3 in October 1995. However since the coming into force of GDPR appointing DPOs is now mandatory […]

Audit

What are Joint Controllers?

Posted on

Sometimes the division between Data Processors and Data Controllers is not simple. Where more than one entity has control in determining the processing requirements, there can be multiple Data Controllers.  This situation can lead to “Joint Controllers” which needs to be managed carefully. To recap: the Data Controller determines the purposes for which and the manner in which personal data […]

DPO

Do I need a DPO?

Posted on

There is a certain amount of confusion around Ireland about DPOs after GDPR came into force.  In 95% of cases we tell Irish Organisations that they don’t need one.  How do we come to that conclusion?  It is worth stepping back for a moment and think about what GDPR says about the requirement for DPOs: The Law Article 37(1) of the […]