28 November 2017
The real impact of the GDPR… new notification obligations
To date, GDPR headlines have mainly focused on the threat of heavy fines. However, the Information Commissioner’s Office (the ‘ICO’) has made it clear that issuing fines has always been, and will continue to be under the GDPR, a last resort. Rather, the most immediate impact of the GDPR following a data breach is the new obligation under Article 29 to notify both the ICO and those individual data subjects affected by data breaches. These individuals are most likely to be the clients, customers, suppliers and other contacts upon which your organisation relies and, following any significant data breach, notification may lead to that breach becoming public.
28 November 2017
Coroners to investigate still born deaths
Today, the Health Secretary announced “a new maternity strategy to reduce the number of stillbirths. This strategy centres on the investigation of still birth deaths by the new Healthcare Safety Investigations Branch but it also included a planned change in the law to allow coroners to investigate full term still birth deaths. Currently there is no requirement for a doctor to refer a still birth death to the local coroner.
21 November 2017
An introduction to Data Protection Officers under the GDPR: Should you appoint one?
There is currently no legal requirement for companies to appoint a dedicated officer responsible for data protection; the Information Commissioner’s Office merely encourages this as good practice. However, this will change when the General Data Protection Regulation (“GDPR”) comes into force in May 2018 and introduces a requirement for certain organisations to appoint a Data Protection Officer (“DPO”).
20 November 2017
Legal update: When an inquest is still necessary after criminal proceedings in order to comply with Article 2
In the recently reported case of R (Silvera) v HM Senior Coroner for Oxfordshire [2017] EWHC 2499 (Admin), the Divisional Court looked at the investigative duties placed on the state by Article 2 of the European Convention on Human Rights and the importance of the coronial process in ensuring that those duties have been met.
23 October 2017
The EU-US Privacy Shield – One Year On and Still Going Strong
The EU-US Privacy Shield was established by the EU Commission in August 2016 to replace the previous ‘Safe Harbour’ system, which was ruled unlawful by the European Court of Justice (to read the ECJ’s decision, see here).