9ine Consulting Blog

The ICO DPIA Guidance

The ICO DPIA Guidance

The Information Commissioner's Office (the UK data protection supervisory authority) has this week published guidance on the completion of data protection impact assessments (DPIAs). The guidance is nothing new, it summarises the Article 29 Working ...
The ICO Regulatory Action Policy

The ICO Regulatory Action Policy

The Information Commissioner's Office (the UK data protection supervisory authority) last week published its Regulatory Action Policy. The policy has been created to provide direction and focus for those they regulate, specifically the action that ...
The outsourcing of your DPO in full: A scandal in the making

The outsourcing of your DPO in full: A scandal in the making

The GDPR makes it a requirement for all public authorities (state funded schools) to have a designated Data Protection Officer (DPO). All other types of school need to document and undertake an internal analysis to determine whether or not a DPO is ...
GDPR: The Principle of Accountability

GDPR: The Principle of Accountability

The GDPR principle of ‘accountability’ requires schools to demonstrate compliance with the regulation. Within this update we discuss what this means in practice.
Breach notification under the GDPR

Breach notification under the GDPR

The recent revised and adopted guidelines on Personal data breach notification under the GDPR have been published. These guidelines set out examples of what a personal data breach is and the actions that are expected of data controllers and ...
The DPO and managing your Data Protection obligations

The DPO and managing your Data Protection obligations

There is confusion in regard to the appoint of a Data Protection Officer (DPO), their responsibilities, the Data Controller's responsibility to the DPO, and also whether those obligations dissipate if a DPO isn't legally required. This article ...
GDPR in Education: In depth guidance & support for compliance

GDPR in Education: In depth guidance & support for compliance

In preparation for the GDPR, organisations need to take certain steps to demonstrate they are taking the regulation seriously. In supporting education organisations, we have taken the guidance from the UK Supervisory Authority* and adapted it for ...
GDPR & cybersecurity January update

GDPR & cybersecurity January update

The ICO have provided a range of updates and additional guidance since the last 9ine blog. In the last few weeks they have issued a consultation document on Children and the GDPR (see below), updated guidance on the lawful basis of processing for ...
Shut out the noise: GDPR basics in four steps

Shut out the noise: GDPR basics in four steps

Have you been approached by a cold caller trying to sell GDPR training or claiming to be a GDPR expert?
Protect your school against GDPR data breaches and fines

Protect your school against GDPR data breaches and fines

Guidance from the Article 29 Data Protection Working Party has been issued on the approach schools should take when considering fines for data breaches and non-compliance of the GDPR.

Subscribe to email updates

TWEET US @9ineConsulting

Awards & Accreditations