GDPR Friday Roundup – 29th September 2017

Who’s getting it wrong?

A former employee of Leicester City Council has been prosecuted for unlawfully obtaining personal data. Prior to leaving the organisation the defendant has sent 34 emails to his private account containing the personal information of 349 vulnerable people’s sensitive data. Head of ICO Enforcement Steve Eckersley said “employees need to understand the consequences of taking people’s personal information with them when they leave a job role. It’s illegal and when you’re caught, you will be prosecuted”. Read more here.


Other News

Deloitte has been the target of a hack that compromised the confidential emails and plans of some of its blue-chip clients. The cyber security attack reportedly went unnoticed for months. An administrator’s account was used to access the firm’s server, which gave the hacker unrestricted access to all areas. The account used only required a single password and did not have “two-step” verification. Read more here.


Following the cyber attack on Equifax that compromised the personal information of 143m Americans and 400,000 Britons, Equifax’s chairman and chief executive Richard Smith has decided to retire with immediate effect. Read more here.


The Institute of Fundraising has written to digital minister Matt Hancock asking him to provide a “GDPR hotline” to help charities prepare for its implementation. This comes after the IoF carried out a survey finding that 48% of charities felt they lacked the internal expertise needed to prepare for the GDPR and 72% felt there was a lack of clear guidance on it. Read more here.

Leave a reply

You must be logged in to post a comment.