Works councils and data privacy rights

​The Covid-19 pandemic saw the rise of remote working. In light of this, an increasing number of organisations are also seeking to adopt monitoring tools in order to observe the productivity of employees. Under Article 4 of the General Data Protection Regulation (GPDR), behavioural characteristics of an individual constitutes as personal data. Therefore, the GDPR [...]

By |2021-07-13T17:41:18+01:008th July, 2021|DPO, International, News, ThoughtLeadership|

Schrems II decision – sanctions and enforcement

It has been almost a year since the Court of Justice of the European Union (CJEU) issued its well-known Schrems II decision which invalidated the Privacy Shield for data transfers between the EU and US. The Court established that if Standard Contractual Clauses (SCCs) are used instead, the sending party must examine privacy laws [...]

By |2021-07-13T17:40:37+01:002nd July, 2021|DPO, Governments, International, News|

European Commission confirms UK adequacy decisions

As a result of Brexit, under the General Data Protection Regulation (GDPR), UK became a “third” country. This means organisations need to put in place a safeguard to transfer personal data to a third country, typically Standard Contractual Clauses, known as SCCs. On 28 June 2021, the European Commission (EC) adopted two adequacy decisions for the [...]

By |2021-06-30T12:41:45+01:0030th June, 2021|DPO, Governments, News|

France and Germany crack down on cookie compliance

France Following the publication of the cookie guidelines and recommendations, the French Data Protection Authority (DPA), the CNIL, has issued 20 organisations with formal notices giving them a month to comply with cookie laws. These include international digital players and public bodies. If they fail to comply by the deadline, they face fines of up to 2% of their turnover. [...]

By |2021-06-02T10:38:02+01:0028th May, 2021|DPO, Governments, International, News|

EDPB adopts favourable opinion on draft UK adequacy decision

The European Data Protection Board (EDPB) adopted two opinions on the European Commission’s draft UK adequacy decision at its 48th plenary session and early indications are that their stance is favourable. It will now be for the European Commission to seek approval from representatives from each EU Member State, after which a final decision [...]

By |2021-04-30T16:44:55+01:0030th April, 2021|DPO, News|

Data protection software tools

Data protection and privacy requirements have grown increasingly complex and while there is no substitute for a comprehensive privacy programme staffed by a knowledgeable and multidisciplinary team, there are increasingly more opportunities to enlist the help of software tools. All three companies reviewed here, offer their own custom API and set of automated tools designed to integrate with a company’s existing technology stack, [...]

By |2021-04-12T16:36:09+01:0012th April, 2021|DPO, International, News|

Tackling Covid-19 variants and its implications on global personal health data sharing

The evolving nature of the ongoing COVID-19 pandemic and its new variants has raised global concerns. In this regard, scientific research efforts across all ages and types of population continue to rise in the fight against the virus. This means more personal health data will be collected, used and further processed for scientific research. [...]

By |2021-04-12T16:16:58+01:0012th April, 2021|DPO, International, News|

The EDPB’s response to European Commission’s questions on health research and the application of the GDPR 

On 2 February 2021, the EDPB published its document in response to the request from the European Commission for clarifications on the consistent application of the GDPR, focusing on health research. The EDPB will explain more on the issue in its guidelines on the processing of personal data for scientific research purposes later in [...]

By |2021-04-12T16:17:08+01:0017th March, 2021|DPO, International, News|

CNIL imposes joint accountability fines on a controller and processor for GDPR infringement

On 27 January 2021, CNIL fined a controller €150,000 and a processor €75,000 for EU (European Union) GDPR data protection infringements.  After receiving numerous personal data breach notifications from customers who were making purchases from the controller's website, CNIL initiated an investigation to analyse data processing activities of the website. The investigation was also [...]

By |2021-03-23T17:14:51+00:0017th March, 2021|DPO, International, News|

What’s on the horizon this year for data protection

We begin this year with a new EU-UK trade agreement, providing the data protection world with some comfort around data transfer flows from the EU/EEA to the UK. As the Covid-19 pandemic continues, HewardMills has highlighted data privacy trends and practical steps which organisations should take note of to ensure their data protection programmes [...]

By |2021-03-31T11:45:03+01:0020th January, 2021|DPO, International, News|
Go to Top