As more employees settle into the ‘new normal’ of home working, organisations need to be extra vigilant to the increase in cyber and other security-related risks attached to online and remote working. Whilst most home workers can use secure Wi-Fi connections, this is not the case for everyone. Some still need to use unsecured public […]
Credit reporting agency found to be using personal data for marketing purposes without data subjects’ consent The Information Commissioner’s Office (ICO) has issued an enforcement notice to Experian, the credit reporting agency, asking it to make changes on how it handles personal data within its direct marketing services. The ICO has given Experian 9 months […]
The General Data Protection Regulation (EU) 2016/679 (GDPR) is an EU regulation which came into effect on 25 May 2018 and has set a new benchmark for the processing of personal data. It applies to any organisation that is processing the personal information of data subjects inside the EEA. The Data Protection Act (DPA) 2018 sits alongside […]
What are the Implications and Next Steps for Your Organisation? On 16 July 2020, the Court of Justice of the European Union (CJEU) issued its judgement on the adequacy of both the Privacy Shield and standard contract clauses (SCCs). The EU-US Privacy Shield is a mechanism that enables participating companies to meet the EU requirements for […]
As an accredited Cyber Essentials certification body (CB), URM handles a significant number of applications every year from a wide variety of organisations and business sectors. For many organisations looking to achieve cyber essentials certification, having to complete a self-assessment can be challenging, particularly if they have not previously had to verify their IT infrastructure […]
Clause 8.3 of the ISO 22301:2019 (ISO 22301) Standard for Business Continuity states that: “Based on the outputs from the business impact analysis and risk assessment, the organization shall identify and select business continuity strategies that consider options for before, during and after disruption. The business continuity strategies shall be comprised of one or more […]
With the transition period following the UK’s exit from the EU set to end on 31 December 2020, those organisations that rely on personal data transfers from the EU to the UK are looking to ensure that the transfers remain lawful from 1 January 2021. While there are a couple of frontrunners amongst the options […]
Need to engage employees in risk assessment process As the gradual easing of lockdown continues, more and more organisations are looking at how they can open workplaces back up. Below is the downloadable poster that the UK Government recommends all employers display to show that its guidance has been followed. Top of the list – ‘we […]
In our ‘Plan for Business Continuity – Tips On How To Protect Your Reputation and Brand’ blog, we looked at the importance of an effective BC response from a reputational and brand perspective. Here, we take the opportunity to put the theory into practice and provide our thoughts on who have been the winners and […]