Before you can get into the detail of efficiently running a privacy program, most businesses go through one crucial step: making their executive team care and putting additional resources in. Let’s say you’re going into a meeting with management to pitch investing in technology to meet your increasing regulatory challenges.... read more →

For some, a Data Protection Officer (DPO) is a new role within their organisation. Others, like public authorities, have employed DPOs for years and they are used to working together harmoniously. But, within the private sector the DPO is a fairly new phenomenon. Any new role in an organisation is... read more →

Ever had to chase someone to complete a course, assessment or just respond to your questions about data protection? You are definitely not alone. Getting people to contribute and engage in your privacy program is one of the hardest parts of being a privacy professional. And it’s pretty understandable sometimes... read more →

There is great debate in the DPO community as to whether it is better for a business to have an in-house DPO, or an external one. I could settle it now and simply say: different businesses are suited to different things. But that would make a short and boring blog,... read more →

So you’ve got your records of processing in order, your training set up, and vendors are all under control. That’s great, but only applies to whatever day you last did a review of data processing practices in every department. The truth is, new projects come from all directions all the... read more →

There are two reasons why you may appoint a DPO; firstly, because the GDPR says you need one, and secondly, because you don’t need one, but you want one. I’m not going to talk about the regulatory requirements for a DPO, as there are plenty of blog posts around already.... read more →