9ine Consulting Blog
Guidance from the Article 29 Data Protection Working Party has been issued on the approach schools should take when considering fines for data breaches and non-compliance of the GDPR.
To comply with the GDPR, you need to know when you are a Data Controller or a Data Processor and what your obligations entail. In fact, you may even be a Joint Controller.
G-Day is just six months away. As part of our ongoing guidance, here we look at Governance - one of the three main areas of GDPR, along with Data Protection and Cyber Security.
Data protection by design and default is a key feature of the General Data Protection Regulation (GDPR), which comes into force in May 2018.
When a data breach occurs, organisations must demonstrate to its supervisory authority the mechanisms they have in place to manage the GDPR. In the UK, the authority is the ICO.
The GDPR countdown is on. And, if you’re feeling confused by the endless technicalities, numerous clauses and threats of hefty fines, we’re here to cut through the noise with some plain talking.
The majority of schools will need to appoint or reaffirm the appointment of a data protection officer (DPO) to comply with the General Data Protection Regulation (GDPR). In this blog - the fifth in our comprehensive GDPR series – we explore the role ...
The GDPR is a complex subject. Not only does it contain 99 interlinked articles. To understand just one of your obligations, you often have to read multiple articles and review guidance on the ICO website.
As followers of our GDPR series will already be aware, compliance with GDPR is mandatory. (For an introductory overview, read our first GDPR article.) However, preparation takes time and is likely to be disruptive.
Your data protection obligations as a school are about to change significantly. Under the General Data Protection Regulation (GDPR) – legally enforced from May 25th, 2018 – your school is liable for fines of up to 4% of global revenue (or €20m, ...