Lawyers warned over potentially negligent GDPR advice

A legal compliance expert has warned that lawyers may need to take action over potential breaches of data protection rules.

Brian Rogers, Director of Regulation and Compliance Services for Riliance, said those who advised businesses how to comply with new GDPR rules last May should revisit that advice – and even contact clients to admit they made a mistake.

Rogers spoke to the Gazette after lawyers were publicly criticised last month by Chris Combemale, Chief Executive of the marketing network DMA Group. Combemale told a Westminster Legal Policy Forum conference that many of the 1,000 DMA members had been wrongly told to focus on consent as the basis for processing data.

Read more

Google must delete links to articles in “Right to be Forgotten” case

Google was ordered to take down links to articles about the historic criminal convictions of a businessman.

Two businessmen (NT1 & NT2) convicted of criminal offences many years ago brought claims made under Data Protection law and the English law tort of misuse of private information, for the “right to be forgotten” or, more accurately, the right to have personal information “delisted” or “deindexed” by providers of internet search engines (“ISEs”)

Read more

GDPR, References and Confidential Information

The GDPR impacts on the giving of references and supplying confidential information
Employers are advised to write a clear policy on the giving of references. The ICO (Information Commissioner’s Office) has said employers should have a clear policy setting out, which employees are authorised to give references and in what circumstances.

Read more

Data Processors and the General Data Protection Regulation (GDPR)

Data Protection
Whether you are a Data Controller or a Data Processor you have responsibilities under the General Data Protection Regulation (GDPR). A controller determines the purposes and means of processing personal data, whereas a processor is responsible for processing personal data on behalf of a controller and you are required to maintain records of personal data and processing activities.

Read more

Verified by ExactMetrics