Compliance and data rights and protection for an individual might seem to be at loggerheads with each other. With the new GDPR regulation of May 2018, a person has a right to “be forgotten”.
At a certain point in time you, as the consumer, may request that your data be deleted from a company’s database.
This is all fine and well, but what about the financial side of things where the law might require the information to be kept for a little bit longer period of time? Continue reading “Incorporating technology in compliance”
After the 2008 global financial crisis, (GFC), FinTech and RegTech development were prioritized, and while some believe that RegTech is the replacement for FinTech, it would be an untrue assumption. The question now is, what is the difference between FinTech and RegTech?
FinTech, which is short for Financial Technology, covers the entire range of financial services, focusing on five main areas: finance and investment, internal operations and risk management, data security and monetization, consumer interfaces payments and infrastructure. Continue reading “FinTech Vs RegTech – A Comparative Analysis”
According to the GDPR, individuals have the rights to the following:
THE RIGHT TO BE INFORMED
When collecting a client’s personal data, an association is required to provide them with the reason for collecting their data, the holding time for the data as well as who it will be shared with.
THE RIGHT OF ACCESS
Clients have the right to access their personal information. They can request the access either verbally or via a written request. Associations have one month to reply to the request and are not permitted to charge their clients for dealing with the request. Continue reading “INDIVIDUAL RIGHTS”
How many times have you filled out your personal details on a company website and just ticked the “T’s & C’s” block without even reading or thinking twice? Have you considered what happens to your information from there onwards?
Or how many times have you slammed down the phone in anger at yet another telesales agent calling to sell some policies or store card to you, coincidentally already having all your personal information?
The new General Data Protection Regulation of the EU, as well as it’s sister, the Data Protection Bill, aims to curb these practices. Continue reading “Keep your company GDPR compliant and out of the headlines – in a good way!”
Organisations are required to report specific incidents that occur, such as a personal data breach, to the ICO. Compliance Compendium provides a tool to customers to use in the event of such a breach, or any issue leading to the loss or abuse of private discernible information.
Not all personal data breaches need to be reported under the DPA of 25 May 2018; if it is not possible for the breach to pose a threat to someone you need not report it. Continue reading “REPORT A BREACH”
WILL EU-GDPR 2018 REGULATIONS IMPACT INDIAN COMPANIES AND THEIR BUSINESS RELATIONS WITH EUROPEAN COMPANIES?
The European General Data Protection Regulation (EU-GDPR) came into operation in May 2018. The average Joe would think only individuals and companies based in the European Union would be affected. But the impact of the EU-General Data Protection Regulation stretches far wider.
Any company with business interest based inside and outside the European Union, companies in India, NGO’s, CMRO’s, or any other organisation across the globe should expect to be impacted.
INDIA AND THE IMPACT OF THE EU-GDPR Continue reading “Will EU-GDPR 2018 Regulations Impact Indian Companies ?”
In this digital age, when most companies’ transactions are data-based and individual consumers now depend on GDPR (General Data Protection Regulations) to help protect their personal data and information, a regulatory assessment application becomes indispensable to ensure we as companies, stay compliant.
In the past and until very recent, companies had to depend on expensive DPIA (Data Protection Impact Assessments) and a DPO (Data Protection Officer). However, most small companies were and still is unable to hire their own private DPO personnel or implement DPIA regulatory software. Mostly due to the high costs associated with each. Continue reading “Regulatory Assessment Application”
Recent research which suggests half of UK Consumers intend to exercise their GDPR rights within a year proves that GDPR is going to be a very real issue for companies of all sizes. Compliance will not be the theoretical exercise many people hope it will be, which means companies must be on their toes to ensure they can comply with such requests when they are made. Continue reading “Are You Ready to Deal with Subject Access Requests?”
GDPR is going to have an enormous impact on organisations, but it will be those who don’t think they are at risk who could run into the biggest problems. Small community organisations such as church groups, could be non-compliant without knowing it. The risks could be considerable.
The press will already issue plenty of warnings about the possible size of penalties, but the biggest issue could be the loss of trust. Community groups rely on the trust they build up with their volunteers and the people they help. Continue reading “Training for Church Groups”
In a world of Big Data and GDPR the role of the Data Protection Officer (DPO) is more important than ever. However, most small organisation may find it difficult to recruit people with the kind of skills and experience they need. That’s where DPO as a service comes in. The idea behind DPO as a service is to outsource all the functions of a regular DPO. Continue reading “DPO as a Service Clinic”