Blog
Kingsley Napley’s Medical Negligence Team ‘walks together’ with the Dame Vera Lynn Children’s Charity
Sharon Burkill
6 June 2016
Data Protection: 5 Things SaaS Providers Should do Today
Rather than hosting and maintaining their own software, an increasing number of businesses are turning to software as a service (“SaaS”) providers who centrally host software and make it available to customers over the internet, usually for a subscription fee. The SaaS model often requires the customer to send personal data relating to its employees and clients to the SaaS provider. This can pose a significant data protection risk for both the customer and the provider. Below we provide 5 top tips on how SaaS providers can limit their liability whilst offering the customer comfort that their data is secure.
3 June 2016
Further update: EU-US Privacy Shield
Further to our last blog of 26 April 2016, we have three updates on the EU-US Privacy Shield.
Firstly, MEPs have passed a non-legislative resolution calling on the European Commission (the Commission) to remedy “deficiencies” in its proposals for the EU-US Privacy Shield.
18 December 2015
EU Data Protection Regulation: Here at last…well, nearly!
EU Data Protection Reform has been under discussion since 2012 with the intention to “make Europe fit for the digital age”. This week the European Commission, European Parliament and the Council of the European Union have reached agreement on the final wording of the General Data Protection Regulation. The draft Regulation is now widely expected to be formally approved in the new year.
3 November 2015
A bitter pill: Hard lessons learnt by online pharmacy fined for selling customer data
The Information Commissioner has issued a monetary penalty notice (MPN) of £130,000 to Pharmacy2U, the UK's largest NHS approved online pharmacy, after it sold the details of 21,500 customers to third-parties through an online marketing company. The Commissioner’s enforcement activity to date has focussed predominantly upon data security breaches. This is the first MPN for a breach of the first data protection principle under the Data Protection Act 1998 (DPA) which concerns the fair and lawful processing of data. It provides both a reminder of the importance of the first principle and a lesson to all organisations about clear customer communication and consent.
23 October 2015
Landlords’ Right to Rent check obligations – mind the data protection, equality and criminal sanctions traps
The Home Office announced on 20 October 2015 that from 1 February 2016 all private landlords in England will have to check that new tenants have the right to be in the UK before renting out their property. The new scheme will not apply in Scotland, Wales or Northern Ireland for the time being.