5 Benefits of Task-based Risk Assessment
  • February 1, 2018
  • COURSES, ISO 45001, OHSAS 18001

Risk assessment is a fundamental health and safety requirement in any type of organisation. When it comes to the manufacturing and engineering industries though, the value of task-based risk assessment goes beyond meeting legal requirements and keeping workers safe. Here are five reasons to include task-based risk assessment in your organisation’s core training programme. 1. It’s good practice Task-based risk…

The Benefits of ISO 27001 Information Security Management System
  • December 15, 2017
  • COURSES, GDPR, ISO 27001

ISO 27001 is an internationally recognised standard designed to help businesses protect and manage their information assets. The standard’s framework supports you to implement and maintain a robust information security management system (ISMS) that complies with regulations. Business benefits of Implementing ISO 27001 1. Effective risk management ISO 27001 requires that you: Assess threats to your information security and identify…

How Will the Rules for Subject Access Requests (SARs) Change Under the GDPR?
  • December 8, 2017
  • GDPR, ISO 27001

The rules for making a subject access request (SAR) under the GDPR will be similar to the Data Protection Act 1998. However, there are key differences. With less than six months until the GDPR comes into force, it’s time to make sure you can meet new requirements to be legally compliant. What is a subject access request (SAR)? A SAR…

How does the GDPR change the lawful basis for processing personal data?
  • December 8, 2017
  • GDPR, ISO 27001

Under the current Data Protection Act 1998 (DPA) any organisation that processes personal data and sensitive personal data must have a legal basis for doing so. The GDPR, which comes into force in May 2018, is more rigorous in maintaining this position. Changes affected by the GDPR will have clear, practical implications in a way that the current DPA does…

How Will the GDPR Change Individuals’ Data Protection Rights?
  • December 1, 2017
  • GDPR, ISO 27001

For the most part, individuals’ data protection rights will be the same as they are under the current Data Protection Act but with significant enhancements. The GDPR will also introduce new rights. There will be the ‘right to erasure’; individuals can have their data deleted upon request. The GDPR will also introduce the ‘right to data portability’ which allows data…

How Will Privacy Notices Change Under the GDPR?
  • December 1, 2017
  • GDPR, ISO 27001

At the moment, when your organisation collects people’s personal data your privacy notice needs to tell them who you are and how you plan to use their data. Under the GDPR your privacy notice must contain some additional information. You need to communicate your legal basis for processing data, your data retention periods and you must inform people that they…

GDPR EU Regulation and the Personal Data You Hold
  • November 24, 2017
  • GDPR, ISO 27001

The GDPR EU regulation requires you to maintain records of all your personal data processing activities. In order to do this you need to identify what types of personal data you hold, where it came from, who you share it with, the reason you need it, how you maintain accuracy and how you keep the information secure. Here are the…

How can you make employees aware of the new GDPR data protection requirements?
  • November 16, 2017
  • GDPR

It’s vital to make everybody in your organisation aware of the new data protection requirements that the GDPR will bring. The majority of data breaches that occur are due to human error – sending information to the wrong email address, failing to encrypt data, and losing memory sticks or mobile devices. Under the GDPR, penalties for such errors could be…

What does the GDPR mean for healthcare, social care and voluntary sector organisations?
  • November 14, 2017
  • GDPR

The European Union’s General Data Protection Regulation (GDPR) comes into force on 25th May 2018, regardless of Brexit. The legislation gives new rights and greater protection to data subjects. Given that health, social care and voluntary sector organisations utilise vast amounts of sensitive data, GDPR is an important development. Serious failures to comply with legislation can result in huge fines…

GDPR – 12 Steps to Getting It Right
  • November 8, 2017
  • GDPR

If your company already complies with the Data Protection Act (DPA) then you have a firm foundation for meeting the new EU General Data Protection Regulation (GDPR). In order to adapt your practice to meet regulatory changes and to gain support from managers in your organisation, it’s a good idea to start preparing now. These twelve steps draw upon ICO’s…
