The Data Guardians Managing Director and lead consultant Matthew Lamb is a Certified Cyber Risk Management Practitioner. Get in touch with us to ask about how we can help you with your GDPR and Data Protection Act 2018 compliance.
The Labour Party has been forced to lock down access to membership databases and campaign tools over concerns the information was being accessed by breakaway MPs in a potential breach of data protection laws. The party’s General Secretary, Jennie Formby, said Labour had “become aware of a number of attempts to access personal data” on its systems by “individuals who are not, or are no longer, authorised to do so”. The inference was that one or more of the Labour MPs that left the party last week to form The Independent Group had taken members’ details with them for use in future campaigns. Read more here.
The European Data Protection Board has published new draft guidance on the development of GDPR codes and the activities of associated monitoring bodies. Find the guidance here.
The number of data breaches reported by UK financial services firms to the Financial Conduct Authority increased 480% in 2018, to 145 up from just 25 in 2017. Read more here.
The Government and NHS England have published a new code of conduct detailing that businesses supplying artificial intelligence tools to the NHS in England will be expected to be open about the way their algorithms work and to define key performance indicators for the technology. Read more here.
Equifax is expecting various sanctions from the consumer Financial Protection Bureau and the Federal Trade Commission in the US over it’s 2017 data breach. The CFPB and FTC have both notified Equifax that they expect to seek “injunctive relief damages” and the CFPB plans to seek “civil money penalties”. Equifax is also facing a number of lawsuits from cities, shareholders, and more than 1,000 lawsuits from consumers over the breach. Read more here.
New York’s governor has ordered two state agencies to investigate a media report that Facebook may be accessing far more personal information than previously known from smartphone users, including health and other sensitive data. Read more here.
A recent report by Wakefield Council says that staff in some Wakefield schools have not been given data protection training (around 50%) and that this is a “common area of weakness” across the district. Read more here. While this case is in Wakefield, we expect that many schools across the country have still not adopted the necessary data protection policies and procedures and that many school staff are not fully aware of what the data protection changes mean for them.