The Data Guardians Managing Director and lead consultant Matthew Lamb is a Certified Cyber Risk Management Practitioner. Get in touch with us to ask about how we can help you with your GDPR and Data Protection Act compliance.
Who’s getting it wrong?
Following a year-long investigation the ICO has searched two offices in Brighton and Birmingham as part of its investigation into businesses suspected of making live and automated nuisance calls. People who received the calls were unable to identify who the calls were from or opt out of them which is against the law. Read more here.
In two separate cases two workers in Birmingham have been fined for breaching data protection laws. Faye Caughey unlawfully accessed the personal records of 14 people when she worked at the Heart of England NHS Foundation Trust. She viewed the personal data of seven family members and seven children known to her with no business need to do so. In a separate case Jayana Morgan Davis forwarded several work emails containing personal data of customers and other employees to her personal email account a few weeks before resigning. Read more here.
According to research carried out by YouGov and commissioned by Charity Business in the Community, a third of smaller businesses in the UK have not implemented a cyber security strategy. Also worrying is that only 35% of SMBs have a basic data protection policy. Read more here.
Almost 10 months into the GDPR, an assessment from the European Data Protection Board found that in the first 9 months there were:
- 206,326 cases reported from the supervisory authorities in the 31 countries in the EEA.
- About 65,000 were initiated on the basis of a data breach report by a data controller, while about 95,000 were complaints.
- 52% of the overall cases have already been closed and 1% are facing a challenge in national courts.
- Total fines came to €55.96m with the majority of this coming from CNIL’s €50m fine for Google.
Read more here.
Organisations have been invited by the ICO to comment on the development of an auditing framework for AI. The framework will give a solid methodology to audit AI applications and give guidance to organisations in order to support the continuous and innovative use of AI within the law. Read more about how you can contribute here.