Data Protection Blog

15 June 2018

GDPR: The significance of the new principle of accountability

The GDPR has introduced a new accountability principle: the data controller “shall be responsible for, and be able to demonstrate compliance, with” each of the six principles of the GDPR. For a principle summarised in 10 words, there is a significant amount of work required by organisations to ensure accountability. And there may be significant consequences if this work is not undertaken.  

Emily Carter

29 May 2018

The ICO’s Regulatory Action Policy: What to expect in the new GDPR era

The Information Commissioner’s Office (ICO) has begun consulting on a new Regulatory Action Policy (“the Policy”). This new policy is intended to provide “direction and focus” for those the ICO regulates, the public and its staff - and therefore demands careful consideration by anyone concerned about regulatory action within this new GDPR era. Critically, the Policy reiterates the ICO’s commitment to a balanced approach to regulation by creating an environment in which data subjects are protected whilst business is able to operate and innovate efficiently:

Emily Carter

25 May 2018

GDPR: A guide for therapists

Unless you’ve been under a rock for the past few months, you’ll be aware that changes are afoot in the data protection world.  Your inbox is probably full of emails from organisations using various catchy phrases to get you to “opt in” to receiving communications (my favourite was headed “darling you’ve got to let me know, will you stay or will you go?” – who said data protection couldn’t be fun?!).  But what is GDPR and what does all this mean for you as a therapist? 

Lucy Williams

4 April 2018

The Data Protection Bill - New Criminal Offences for Data Protection Breaches On Their Way to the Statute Book

The Data Protection Bill (“the Bill”) was described in the Queen’s speech of June 2017 as a new law to ensure ‘that the United Kingdom retains its world-class regime protecting personal data’. It supplements and bolsters the General Data Protection Regulation (“GDPR”), the directly effective EU regulation on Data Protection coming into force in May. 

Ed Smyth

5 March 2018

Subject Access Requests under the GDPR: What employers need to know

Employers need to be aware of the enhanced rights employees will have to request and access data under the General Data Protection Regulation (‘GDPR’).

Maeve Keenan

Skip to content Home About Us Insights Services Contact Accessibility