Deadline Approaches for Updating Contracts Containing Old EU Standard Contractual Clauses (SCCs)
Stuart Skelly
|
Senior Consultant at URM
Published on:
12 Feb
2024

URM’s blog discusses changes to the SCCs British organisations can use to legitimise restricted transfers of data under the UK GDPR

Read more
ROPA Spreadsheet
How to Create a Record of Processing Activities (ROPA)
Published on:
10 Jun
2022

In this blog, we will outline a step-by-step procedure on how you can create a ROPA.

Read more
ROPA Spreadsheet
Who Needs a ROPA and Why?
Published on:
8 Jun
2022

Under the UK GDPR, the majority of organisations processing personal data are required to create and maintain a ROPAs

Read more
Blog Preview Image
GDPR
PUBLISHED on:
8/2/2024
Stuart Skelly10 Top Tips for Achieving GDPR Compliance

URM provide 10 actionable top tips that will allow you to take significant steps forward in your compliance journey.

Blog Preview Image
GDPR
PUBLISHED on:
26/1/2024
Martin BrazierFacial Recognition Technology and Data Protection Compliance

URM’s blog outlines the DP concerns around the use of facial recognition technology (FRT), and offers guidance on making sure your FRT use is GDPR compliant.

Blog Preview Image
GDPR
PUBLISHED on:
24/1/2024
Stuart SkellyAnalysis of Fines Imposed by the Information Commissioner’s Office in 2023

URM’s blog breaks down the fines issued by the ICO in 2023 for data protection breaches, highlighting emerging trends in their approach to enforcing compliance.

Blog Preview Image
GDPR
PUBLISHED on:
15/12/2023
Stuart SkellyInformation Commissioner’s ‘Today’ Interview 13/12/23

URM discusses an interview with the Information Commissioner, John Edwards, and the background of the penalty fine imposed on the Ministry of Defence (MOD).

Blog Preview Image
GDPR
PUBLISHED on:
14/12/2023
Pauline BraceConducting Data Transfer Impact Assessments (DTIAs)

URM answers key questions around data transfer impact assessments (DTIAs), providing detailed guidance on the best practice approach to conducting them.

Blog Preview Image
GDPR
PUBLISHED on:
8/12/2023
Pauline BraceConducting Data Protection Impact Assessments (DPIAs)

URM answers key questions around data protection impact assessments (DPIAs), providing detailed guidance on the best practice approach to conducting them.

Blog Preview Image
GDPR
PUBLISHED on:
11/12/2023
Stuart SkellyClearview Case

URM details Clearview AI’s successful appeal against the ICO imposing a £7.5 million fine for breach of the UK GDPR and their grounds for reversing the ruling.

Blog Preview Image
GDPR
PUBLISHED on:
11/12/2023
Stuart SkellyChatbots and Personal Data: Benefits and Risks

This blog considers at high-level various possible legal ramifications of using Chatbots, especially ChatGPT, concerned with data protection risks.

Blog Preview Image
GDPR
PUBLISHED on:
11/12/2023
Stuart SkellyAnalysis of Fines Imposed by the Information Commissioner’s Office in 2022

When looking to comply with the General Data Protection Regulation (GDPR), it is always a worthwhile exercise....

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Avoiding Email Data Security Breaches

For all of us, email can be both a blessing and a curse. On one hand you have the speed and convenience of communication....

Blog Preview Image
DSAR Redaction
PUBLISHED on:
17/10/2023
How to Respond to a Data Subject Access Request (DSAR)

Let’s face it, there is nothing straightforward or simple about responding to a data subject access request (DSAR).

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
What is the UK International Data Transfer Agreement and What Are the Implications?

On 2 February 2022, the Information Commissioner’s Office (ICO) laid before Parliament changes around restricted international personal data transfers.

Blog Preview Image
DSAR Redaction
PUBLISHED on:
17/10/2023
Data Subject Access Requests (DSARs) Services

One of the fundamental rights of an individual (data subject), under the UK GDPR is to be able to access and receive a copy of their personal information.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Data Transfer Risk Assessment

We are focussing on transfer risk assessments (TRAs), commencing with the background that led to their introduction and then addressing the five questions.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
What is the GDPR?

The GDPR (EU) 2016/679 is an EU regulation which came into effect on 25 May 2018 and set a new benchmark for the processing of personal data.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
The CJEU Declares the EU-US Privacy Shield Invalid and SCCs Valid

On 16 July 2020, the CJEU issued its judgement on the adequacy of both the Privacy Shield and standard contract clauses (SCCs).

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
What is the Purpose of ISO 27701 and What Benefits Does it Bring?

The need for guidance on how organisations should best protect privacy and manage personal information has never been more pertinent.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
ISO 27701:2019 and the GDPR

The EU GDPR and the UK DPA both require organisations to protect and ensure the privacy of any personal data which they process.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
In-house Resource vs Virtual DPO

This blog takes a look at DPOs and considers when to look in-house and when a virtual, external resource or hybrid resource may be a better option.

Blog Preview Image
DSAR Redaction
PUBLISHED on:
17/10/2023
Data Subject Access Requests (DSARs) – The Need for Education and Centralised Processes

We discuss the importance of ensuring that your whole organisation can identify a DSAR and the benefits of controlling the entry points of DSARs.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Verifying the Identity of Someone Requesting Information Under the GDPR

We look at the requirement within both the DPA and the GDPR to verify the identity of an individual making a request before acting or releasing information

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Data Protection and Management System Standards – Which is Best for Me?

Is there a catch-all international standard that effectively proves external verification of data protection compliance?

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Transferring Personal Data Outside of the EEA

This blog looks at a very specific area of the GDPR - Article 28 and data transfer outside of the EEA.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Supply Chain Compliance with the GDPR

This blog focuses on an aspect of the GDPR which can be particularly challenging for a number of organisations.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
What is the Difference Between Personal Data and Sensitive Personal Data?

There is some confusion about the difference between personal data and sensitive personal data and even whether sensitive personal data exists as a term!

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Tips on Demonstrating UK GDPR Compliance

We provide some questions which should help you in determining your level of compliance with the GDPR

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Are you adequately covering GDPR within your ISMS?

We have seen an increased focus on the General Data Protection Regulation (GDPR) by certification body (CB) assessors when conducting ISO 27001 audits.

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
BS 10012:2017 – What are the Benefits and How Do I Achieve Certification

BS 10012 is a standard which has been developed to enable organisations to implement a personal information management system (PIMS).

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
Gaining Senior Management Buy-In to GDPR Compliance

Why can it still be challenging to gain traction on your GDPR compliance project?

Blog Preview Image
GDPR
PUBLISHED on:
17/10/2023
THE GDPR – 5 Myths Dispelled

The adoption of the General Data Protection Regulation (GDPR) in April 2016 had wide-ranging impacts. These affect all organisations.

Blog Preview Image
GDPR
PUBLISHED on:
9/2/2024
When and How to Conduct a Data Protection Impact Assessment (DPIA)

A DPIA delivers a pre-emptive approach to assessing these risks, and can prevent a data breach occurring. We present an outline of steps in conducting a DPIA

Blog Preview Image
GDPR
PUBLISHED on:
2/2/2024
UK International Data Transfer Agreement

DTA and the UK Addendum to the current European Commission’s SCCs re the next steps in providing a transfer tool for complying with the UK GDPR.

Blog Preview Image
GDPR
PUBLISHED on:
31/1/2024
How to Create a Record of Processing Activities (ROPA)

In this blog, we will outline a step-by-step procedure on how you can create a ROPA.

Blog Preview Image
GDPR
PUBLISHED on:
30/1/2024
Who Needs a ROPA and Why?

Under the UK GDPR, the majority of organisations processing personal data are required to create and maintain a ROPAs

"
We cannot thank URM enough for their help in ensuring our business is GDPR compliant. Both the gap analysis conducted and the in-depth assistance with the ROPA were made much easier and understandable with URM’s help. I would like to give particular thanks to URM's Consultant for providing us with the best guidance and making a famously complex topic comprehensive, and to our Account Manager for helping make sure all our needs were covered.
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.