Every person, no matter their age, has the right to have their personal information protected and used only in a fair and lawful manner. As children may be less aware of their rights, as well as the risks, associated with the processing of their personal data, the General Data Protection Regulation (GDPR) considers children to […]
The GDPR requires certain organisations to appoint a Data Protection Officer (DPO). This includes public bodies, organisations that conduct regular, large-scale and systematic monitoring of individuals and those that process special categories of personal data on a large scale. While the role of a modern DPO is multi-dimensional, their core responsibility is to help an […]
On 14 May 2021, Ireland’s Health Service Executive (HSE) suffered a major ransomware attack and was forced to shut down all its IT systems, nationwide. This sophisticated, financially-motivated attack – which has been called the most ‘significant’ cybercrime attempt against an Irish state agency1 – brought diagnostic services, COVID-19 testing and other critical activities to […]
The GDPR requires organisations that are not based in the EU but that process personal data relating to people in the EU to appoint a representative in certain situations. The requirements, which we will explore below, have been catapulted to centre stage recently following a €525,000 fine which was imposed on the website “Locatefamily.com” by […]
We are delighted to announce that Pembroke Privacy has joined forces with some true leaders in data protection and cybersecurity to form Strand Advisory, a new data protection consulting firm with a global reach. Our clients can still benefit from our local expertise and relationships, while also gaining access to our global colleagues. We are […]
Our founder Kate Colleary joined the IAPP – International Association of Privacy Professionals President and CEO J. Trevor Hughes together with #privacypros from around the world for a chat via #LinkedInLive.
Under certain circumstances organisation are required to carry out a Data Protection Impact Assessment (DPIA). A DPIA is essentially a risk management process. It helps you identify, analyse and minimise the data protection risks of a project or new technology. If carried out at the start of a project it can help you embed data […]
Organisations that wish to transfer the personal data of Europeans to jurisdictions outside the EEA must use an appropriate transfer mechanism to transfer the data lawfully. For example, let’s take a company based in the US that provides accounting software to Customers in the EU. These EU Customers are likely to be Data Controllers as […]
The New EU Data Protection Regime: Setting Global Standards for the Right to Personal Data Protection
Our founder and director Kate Colleary co-authored this paper with Emily Gibson and Anna Morgan. It was due to be presented at the annual European judges conference in The Hague this summer but Coronavirus prevented that. Click here to view the publication.
Join our founder & director Kate Colleary at #IAPPSummitSessions with IAPP – International Association of Privacy Professionals! Click here – https://iapp.org/conference/virtual-sessions/summit-sessions/