Recently Added Resources

Good data practice: A guide for business to consumer internet of things services for Australia

The Internet of Things Alliance Australia published this guide to assist providers of IoT services and devices to design fair and appropriate features and settings for privacy, security and accessibility into their products and services and to make available appropriate and readily understood guidance for consumers about their use. The guide also intends to assist the IoTAA and consumer organizations in developing general guidance for consumers about privacy protection and secure implementation ...

Getting to GDPR Compliance: Risk Evaluation and Strategies for Mitigation

The European Union’s General Data Protection Regulation presents compliance challenges for organizations across industries and geographies. American firms struggle with the law’s complexity. Even among European firms, which presumably have already built data protection programs to comply with the EU Data Protection Directive, the GDPR requires new investments in privacy resources. The risks of not complying, of course, include fines up to 4 percent of global turnover. But not all non-compliance...

Certification Scheme of Data Protection Officers from The Spanish Data Protection Agency

The purpose of this document from Spain’s AEPD is to establish the general guidelines that regulate the certification scheme for persons for the “Data Protection Officer” category, set out in Section 4 of Chapter IV of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and the relationships between the different agents who will be involv...

Consultation: GDPR consent guidance

This draft guidance from the U.K. Information Commissioner’s Office aims to help you decide when to rely on consent for processing and when to look at alternatives. It explains what counts as valid consent, and how to obtain and manage consent in a way that complies with the GDPR.

ICO Guidance: Breach Notification

This guidance from the U.K. Information Commissioner’s Office outlines breach notification requirements under the EU General Data Protection Regulation, including what information needs to be included in a notification, and when organizations need to notify supervisory authorities and those affected.

Data Retention Policy Checklist

This checklist from Taylor Wessing sets out the key issues that a business should consider when implementing a data retention policy that aims to be compliant with the EU General Data Protection Regulation.