Free resources

The GDPR has significantly transformed the global data protection landscape. The Regulation gives EU residents more power over their privacy and personal data, and places stricter controls on the organisations that handle this data.

GRCI Law are data protection, data privacy and cyber security specialists. Our team is led by experienced DPOs, lawyers, barristers, and information and cyber security experts. Our free resources aim to offer advice you can trust to help you make an informed decision about your needs when it comes to data privacy and cyber security protection and compliance.

Webinar | Data breaches – before and after they occur

Delivered by:

  • Cliff Martin, Cyber Incident Responder, GRCI Law
  • John Potts, Operations Director, GRCI Law

As we recover from the pandemic, hybrid working has proven hugely popular with individuals and organisations. However, IBM’s Cost of a Data Breach Report 2021 found that the average cost of data breaches at organisations with more than 80% of employees working remotely was $5.54 million (about £4.1 million) – $1.3 million (about £0.96 million) more than the overall average of $4.24 million (about £3.13 million).

Read more

Flash briefing | 20 minutes on how to handle a data breach

Delivered by:

  • John Potts, Operations Director, GRCI Law
  • Cliff Martin, Cyber Incident Responder, IT Governance
  • Martin Fletcher, Consultant, DQM GRC

According to Mimecast’s State of Email Security 2020 since the pandemic began, phishing attacks have increased in 63% of organisations.. In addition, Verizon’s 2021 Data Breach Investigations Report found that 36% of data breaches involved phishing, and 85% of breaches involved a human element.

Read more

Free infographic | Beginner’s guide to data breaches and the GDPR

Download our free infographic to get a basic understanding of how to handle data breaches under the GDPR (General Data Protection Regulation).

The GDPR sets a strict 72-hour window for an organisation to report certain data breaches. Our infographic outlines the steps to take when handling a data breach.

Free PDF download | The Data Breach Survival Guide

Download this informative guide to:

  • Understand the importance of being prepared for breaches;
  • Appreciate why preventive, detective and responsive measures are all important;
  • Get a step-by-step walkthrough of a typical breach response process; and
  • Understand your regulatory obligations with respect to breach reporting.

Data Subject Access Requests (DSAR) brochure

Under the GDPR, data subjects have the right to request access to the personal data processed or collected about them by an organisation. This request is known as a data subject access request or DSAR.

Collating relevant information to respond to DSARs can be challenging and time consuming, particularly as the requestor’s identity must be verified, data should be screened and third-party consent may need to be obtained.

To find out how GRCI Law’s DSAR as a Service can help your organisation manage the DSAR process on your behalf to ensure compliance with the GDPR, download our brochure.

Panel discussion and Q&A | Privacy and compliance challenges organisations face in 2020

With Brexit looming large and COVID-19 creating new challenges and opportunities for privacy professionals, our GRCI Law’s data protection experts answer burning privacy questions in this panel discussion and Q&A session as they discuss the key privacy challenges organisations face in 2020.

The panel consists of specialists in data privacy and GDPR compliance who have vast experience managing data subject access requests, data breach reporting, the DPO’s role and responsibilities, EU data transfers, contractual rights and general GDPR/DPA compliance.

  • Host and moderator: Christina Maclean, Head of Business Development
  • Panellist: John Potts, Head of DPO, DSAR and Breach Support
  • Panellist: Rachel McKinney, Head of Data Privacy Management

Read more

Webinar | Managing data subject access requests (DSAR) in a timely and cost-effective manner

The enforcement of the General Data Protection Regulation (GDPR) in May 2018 eliminated the cost barrier (in most cases) for an individual to submit a data subject access request (DSAR), increasing the burden on organisations to provide their customers with their records in a shorter amount of time at no cost.

Therefore, handling DSARs in line with the GDPR’s requirements and ensuring that there is suitable evidence of processing a request can be a challenge for most organisations.

DSARs are becoming increasingly common, and failure to respond can lead to the data subject making a complaint to the Information Commissioner’s Office (ICO), which could result in serious fines and sanctions.

Read more

Free PDF download | The Data Protection Officer (DPO) Role – A beginner’s guide

Under the GDPR, many organisations are required to appoint a DPO. Are you one of them? Find out what the DPO does, if you need to appoint one and how to fill the role in this easy-to-read guide.

This guide explains:

  • What a DPO does;
  • When organisations are required to appoint a DPO;
  • Where they should appoint their DPO;
  • How the DPO fits into the organisation;
  • The experience and qualifications a DPO needs; and
  • The benefits of outsourcing the DPO role.

Webinar | Challenges for data protection officers (DPOs)

Learn about the key challenges of Data Protection Officers (DPOs) .

According to the IAPP (International Association of Privacy Professionals, as many as 75,000 new DPOs are now needed globally. However, being a relatively new role, there is a vast shortage of talented candidates and a lack of understanding as to what the role of DPO entails.

Finding the time to adequately execute the tasks and responsibilities could prove challenging. While a DPO must have access to all personal data processes and activities within the organisation, the complexity of the job role can often prove challenging.

Read more

Free PDF download | GRCI Law Corporate Brochure

GRCI Law is a legal, risk and compliance consultancy firm, advising clients in the fields of data protection, data privacy, cyber and information security law. We are at the forefront of developments in this constantly evolving, challenging and complex field.

To find out more about us and the services we offer, download our brochure.