Ireland’s data protection authority – the Data Protection Commission (DPC) – has published frequently asked questions (‘FAQs’) on data subject access requests (SARs). The FAQs highlight the circumstances in which an individual is entitled to make a SAR, the information an individual is entitled to when making a SAR, and the method an individual should […]
data subject rights
Guernsey’s Office of the Data Protection Authority (‘ODPA’) published guidance on the right to data portability. In particular, the Guidance provides information on data portability requests including, relevant fees, the response timeframe and format of the request. In addition, the Guidance differentiates between data portability requests and subject access requests, and includes a case study […]
On October 22, 2018, the Future of Privacy Forum (FPF), the European Federation of Pharmaceutical Industries and Associations (EFPIA), and the Centre for Information Policy Leadership (CIPL) hosted a workshop in Brussels, “Can GDPR Work for Health Scientific Research?,” to discuss the processing of personal data for health scientific research purposes under the European Union’s […]
In connection with the EU General Data Protection Regulation (GDPR), many companies are wondering how to implement a “data deletion policy”. This article describes the essential steps that companies need to undertake when preparing a GDPR-compliant data deletion policy and the associated documentation.
In this guide, Privacy Perfect provides a seven step scheme to help you become GDPR compliant. We won’t claim it’s easy, but it’s doable. To provide you with more insight, they have drafted an infographic reflecting the internal and external stakeholders and sources needed for inventory purposes.
The handbook provides an overview of the EU’s and the CoE’s applicable legal frameworks. It also explains key case law, summarising major rulings of both the Court of Justice of the European Union and the European Court of Human Rights. In addition, it presents hypothetical scenarios that serve as practical illustrations of the diverse issues […]
The right to be informed covers some of the key transparency requirements of the GDPR. It is about providing individuals with clear and concise information about what you do with their personal data.
This code is intended to help employers comply with the Data Protection Act and to encourage them to adopt good practice. The code aims to strike a balance between the legitimate expectations of workers that personal information about them will be handled properly and the legitimate interests of employers in deciding how best, within the law, […]
Organisations are increasingly looking to record staff telephone calls, whether in response to specific regulatory requirements or for their own particular business needs. This eBook explores the implications of the GDPR for this type of call recording.