Africa focus – Kenya’s Data Protection Act 

Since the passage of the EU’s General Data Protection Regulation (GDPR) in 2018, many countries are striving to be GDPR-compliant, and Kenya is no exception. As one of the growing fintech hot spots in Africa, the rapid advancement of technology in Kenya has been turning heads in data protection. It was recently reported that fintech innovations in Kenya immensely contributed to the sharp rise in the accessibility to basic [...]

By |2021-10-06T16:34:45+01:006th October, 2021|DPO, Governments, International|

The role of privacy in ESG investing

ESG (Environmental, Social and Governance) criteria are non-financial factors used by socially-responsible investors to assess companies they are considering investing in. ESG is an increasingly popular metric. According to Bloomberg, Global ESG assets are expected to exceed $53 trillion by 2025, more than a third of the $140.5 trillion in projected total assets under management. [...]

By |2021-10-04T17:58:41+01:004th October, 2021|DPO, Financial, ThoughtLeadership|

Analysing the €225 million fine against WhatsApp

The Irish Data Protection Commission (DPC) has announced a €225 million fine against WhatsApp Ireland Ltd for breaches of the GDPR. It is the second highest fine ever issued under the GDPR. The fine followed breaches by WhatsApp of its GDPR transparency obligations to users and non-users in relation to how their data was [...]

By |2021-09-08T18:17:52+01:008th September, 2021|DPO, Governments, News|

HewardMills develops Transfer Impact Assessment template

Introduction On 4 June 2021, the European Commission adopted new Standard Contractual Clauses (EU SCCs) for the transfer of personal data from the European Economic Area (EEA) to third countries that are not deemed “adequate” by the European Commission. On 11 August 2021, the UK Information Commissioner's Office (ICO) published draft UK SCCs, formerly known as the International Data Transfer Agreement (IDTA), for UK companies to use [...]

By |2021-09-03T16:14:20+01:002nd September, 2021|DPO, International, ThoughtLeadership|

HewardMills supports Cyber Essentials certification

HewardMills is proud to support the Cyber Essentials certification. Cyber Essentials is an initiative backed by the UK Government to help organisations “guard against the most common cyber threats and demonstrate a commitment to cybersecurity.” Benefits of the certification include: Reassuring stakeholders that you are working to secure your systems against cyber-attack Showing partners [...]

By |2021-09-09T12:57:33+01:001st September, 2021|DPO, News|

Differences between a Data Protection Officer and a Chief Privacy Officer

The question of where to place, and how to structure, the privacy function is a crucial one for organisations striving for privacy excellence. The Data Protection Officer (DPO) and Chief Privacy Officer (CPO) are two key roles for any global organisation processing personal data at scale. While they have overlapping responsibilities, they are in [...]

By |2021-08-19T11:34:04+01:0018th August, 2021|DPO, ThoughtLeadership|

DPO qualifications – what are they?

While the General Data Protection Regulation (GDPR) states that the DPO ‘shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law’, it does not define in detail thequalifications needed to fulfil the role. However, various data protection authorities (DPA) have stipulated requirements, for example, the Irish [...]

By |2021-08-03T16:04:12+01:003rd August, 2021|DPO|

Brazilian consumer protection authority fines several banks for personal data misuse

Even before the Brazilian data protection law enforcement provisions come into force on 1 August 2021, the Brazilian Justice Minister, by way of the consumer protection authority Senacon, has issued significant fines to five large banks (Itaú, Safra, Cetelem, BMG and Pan) with a presence in Brazil for the misuse of consumer personal data. [...]

By |2021-07-28T17:22:05+01:0028th July, 2021|DPO, International, News|

New UK data sharing obligations

Our CEO Dyann Heward-Mills, recently presented on data sharing at the Westminster eForum Policy Conference on “Next Steps for UK Data Protection”. She said that “the UK setting high standards on data sharing is to be championed. Among other things, it helps embed trust among consumers and must be matched by an active regulator [...]

By |2021-07-08T16:41:10+01:008th July, 2021|DPO, Uncategorized|

Works councils and data privacy rights

​The Covid-19 pandemic saw the rise of remote working. In light of this, an increasing number of organisations are also seeking to adopt monitoring tools in order to observe the productivity of employees. Under Article 4 of the General Data Protection Regulation (GPDR), behavioural characteristics of an individual constitutes as personal data. Therefore, the GDPR [...]

By |2021-07-13T17:41:18+01:008th July, 2021|DPO, International, News, ThoughtLeadership|
Go to Top