GDPR has obliged companies to formalise their approach to Subject Access Requests (SARs). They must reveal information they hold or are responsible for in their supply chain, about an individual, why they hold it, and who has access to it, in response to a SAR. Organisations have one month to respond to a valid SAR. More...

How a policy of privacy by design sets your business up for the long term While for some GDPR was BAU, others a huge effort, and a bit of a panic for a minority, one of the most significant outcomes is the perception that cyber security is no longer just ‘an IT thing’. It’s a board-level issue. More...

A view from Andrew Rogoyski, VP of Cyber Security Services, CGI UK As we approach May 2018, the full implementation date for the General Data Protection Regulation (GDPR), or more likely, the implementation date of the UK Data Protection Bill which will be drafted into UK law to reflect GDPR, I thought it worth talking about what one can do in the working days we have left to prepare for it. More...

Pages