DPO

Who can be a DPO?

Posted on
GDPR exposes your organisation. Digitorc can help protect you.

GDPR lays out some parameters describing who can be a DPO. In brief the DPO should be trained in data protection law while the level of expertise required is situational. Like much of this principled based legislation, it is worth looking at the primary texts to understand the concepts. DPO’s background The main texts to […]

DPO

What does a DPO do?

Posted on
For us to be secure we need to privacy. The role of DPO is to ensure that EU GDPR regulations are fully implemented in organisations

The Data protection officers (DPO) is an unusual role, as it has some statutory functions and independence, yet still exists within an organisation’s line structure. GDPR did not introduce the concept of DPO. The practice of appointing a DPO has developed in several Member States over the years since Directive 95/46/EC3 in October 1995. However since the coming into force of GDPR appointing DPOs is now mandatory […]

Audit

What are Joint Controllers?

Posted on

Sometimes the division between Data Processors and Data Controllers is not simple. Where more than one entity has control in determining the processing requirements, there can be multiple Data Controllers.  This situation can lead to “Joint Controllers” which needs to be managed carefully. To recap: the Data Controller determines the purposes for which and the manner in which personal data […]

Audit

Four key points to include in contracts between Data Controllers and Data Processors

Posted on

The General Data Protection Regulation (2016/679), imposes clear requirements controlling the appointment of data processors by data controllers.  One of these is a requirement prescribing various matters which must be stipulated in a written contract (Article 28). As and from 25 May 2018 all agreements between Data Controllers and Data Processors need to meet these new GDPR requirements. This is a major change for many organisations, […]

Compliance

GDPR for IT equipment suppliers

Posted on

The data controllers carries primary responsibility, along with any data processors to protect the data subjects under GDPR.  Businesses who sells IT equipment even if that equipment processes personally identifiable data have far less stringent obligations.  However to remain competitive offering GDPR compliant features makes good business sense. This normally involves development in two areas […]

Compliance

Big Data : The New Oil or Nuclear Waste?

Posted on
Data leaking is like nuclear waste leaking. Once we believed that big data would drive new industries by monitoring data freely. Now we see its a bit more complicated.

We have been told that big data usage will differentiate successful businesses from failures.  That is probably true, but not only as “the new oil” driving innovation.  Perhaps data is more like nuclear waste, it costs a fortune to store and when it leaks…..? The new oil arguments for using big data are well known: […]

Audit

GDPR a primer

Posted on

General Data Protection Regulation or GDPR imposes new and arduous burdens on business and other organisations across Europe from May 2018.  Behaviours will have to change and companies have to make sure they are ready for the deadline or face fines up to 20 M euro. This primer summarises some aspects of the GDPR which […]