The Benefits of an Independent GDPR Audit
  • May 30, 2018
  • GDPR, ISO 27001

So, the GDPR is now in force and you’ve put everything in place to comply. What’s next? Many businesses are now focusing on maintaining compliance and evidencing compliance to stakeholders. An annual independent GDPR audit can help you to achieve both these things. Who can perform an independent GDPR audit? GDPR compliance validation schemes are now popping up across the…

GDPR and ISO 27001: A Winning Combination for Compliance
  • April 6, 2018
  • COURSES, GDPR, ISO 27001

"ISO 27001 is the only auditable international standard that defines the requirements of an information security management system (ISMS)." The GDPR and ISO 27001 fit like hand and glove. As the only auditable international standard that defines the requirements of an information security management system, the GDPR encourages the use of this standard.   What is ISO 27001?   ISO…

Why Has the GDPR Introduced ‘Privacy by Design’ and ‘Privacy by Default’?
  • March 30, 2018
  • GDPR, ISO 27001

‘Privacy by Design’ and ‘Privacy by Default’ are not new concepts. The right to privacy is a fundamental aspect of the European Convention on Human Rights and is already at the heart of all ethical organisations. However, the GDPR is the first European data protection legislation to explicitly recognise these rules. What is ‘privacy by design’? "Organisations must design policies,…

NDC Global Auditors Brings Training Services to Wiltshire
  • March 21, 2018
  • COURSES, GDPR, ISO 27001, ISO 45001, ISO 9001, OHSAS 18001

It’s been a busy and exciting start to the year for us here at NDC Global Auditors. In February, we moved from our Swindon offices to Trowbridge, where we have set up a Wiltshire Training Academy. Businesses across Wiltshire can now access a wide range of open access training courses that will help them to stay legally compliant. Helping You…

How Will the GDPR Affect Children’s Data Processing?
  • February 21, 2018
  • GDPR, ISO 27001

"The GDPR identifies children as ‘vulnerable individuals’ deserving of ‘specific attention’..." The GDPR will bring in special protection for children’s personal data, particularly where it is used for information services such as online shopping, live or on-demand streaming services and for social networking.  The GDPR identifies children as ‘vulnerable individuals’ deserving of ‘specific attention’, explaining that this is because children…

What Will ‘Consent’ Mean Under the GDPR?
  • February 6, 2018
  • GDPR, ISO 27001

"Under the GDPR the definition of consent is clearer and more rigorous..." The current Data Protection Act (DPA) and the GDPR both state that every organisation that processes personal data must have a legal basis for doing so; ‘consent’ is just one choice. If consent is your chosen legal basis then you need to be aware of differences between the…

The Benefits of ISO 27001 Information Security Management System
  • December 15, 2017
  • COURSES, GDPR, ISO 27001

ISO 27001 is an internationally recognised standard designed to help businesses protect and manage their information assets. The standard’s framework supports you to implement and maintain a robust information management system (ISMS) that complies with regulations.   Business benefits of Implementing ISO 27001 1. Effective risk management ISO 27001 requires that you: Assess threats to your information security and identify…

How Will the Rules for Subject Access Requests (SARs) Change Under the GDPR?
  • December 8, 2017
  • GDPR, ISO 27001

The rules for making a subject access request (SAR) under the GDPR will be similar to the Data Protection Act 1998. However, there are key differences.   With less than six months until the GDPR comes into force, it’s time to make sure you can meet new requirements to be legally compliant. What is a subject access request (SAR)? A SAR…

How does the GDPR change the lawful basis for processing personal data?
  • December 8, 2017
  • GDPR, ISO 27001

Under the current Data Protection Act 1998 (DPA) any organisation that processes personal data and sensitive personal data must have a legal basis for doing so. The GDPR, which comes into force in May 2018, is more rigorous in maintaining this position.  Changes affected by the GDPR will have clear, practical implications in a way that the current DPA does…

How Will the GDPR Change Individuals’ Data Protection Rights?
  • December 1, 2017
  • GDPR, ISO 27001

For the most part, individuals’ data protection rights will be the same as they are under the current Data Protection Act but with significant enhancements. The GDPR will also introduce new rights.  There will be the ‘right to erasure’; individuals can have their data deleted upon request.   The GDPR will also introduce the ‘right to data portability’ which allows data…
