The GDPR has significantly transformed the global data protection landscape. The Regulation gives EU residents more power over their privacy and personal data, and places stricter controls on the organisations that handle this data.
GRCI Law are data protection, data privacy and cyber security specialists. Our team is led by experienced DPOs, lawyers, barristers, and information and cyber security experts. Our free resources aim to offer advice you can trust to help you make an informed decision about your needs when it comes to data privacy and cyber security protection and compliance.
Delivered by:
As we recover from the pandemic, hybrid working has proven hugely popular with individuals and organisations. However, IBM’s Cost of a Data Breach Report 2021 found that the average cost of data breaches at organisations with more than 80% of employees working remotely was $5.54 million (about £4.1 million) – $1.3 million (about £0.96 million) more than the overall average of $4.24 million (about £3.13 million).
Delivered by:
According to Mimecast’s State of Email Security 2020 since the pandemic began, phishing attacks have increased in 63% of organisations.. In addition, Verizon’s 2021 Data Breach Investigations Report found that 36% of data breaches involved phishing, and 85% of breaches involved a human element.
Download our free infographic to get a basic understanding of how to handle data breaches under the GDPR (General Data Protection Regulation).
The GDPR sets a strict 72-hour window for an organisation to report certain data breaches. Our infographic outlines the steps to take when handling a data breach.
Download this informative guide to:
Under the GDPR, data subjects have the right to request access to the personal data processed or collected about them by an organisation. This request is known as a data subject access request or DSAR.
Collating relevant information to respond to DSARs can be challenging and time consuming, particularly as the requestor’s identity must be verified, data should be screened and third-party consent may need to be obtained.
To find out how GRCI Law’s DSAR as a Service can help your organisation manage the DSAR process on your behalf to ensure compliance with the GDPR, download our brochure.
With Brexit looming large and COVID-19 creating new challenges and opportunities for privacy professionals, our GRCI Law’s data protection experts answer burning privacy questions in this panel discussion and Q&A session as they discuss the key privacy challenges organisations face in 2020.
The panel consists of specialists in data privacy and GDPR compliance who have vast experience managing data subject access requests, data breach reporting, the DPO’s role and responsibilities, EU data transfers, contractual rights and general GDPR/DPA compliance.
The enforcement of the General Data Protection Regulation (GDPR) in May 2018 eliminated the cost barrier (in most cases) for an individual to submit a data subject access request (DSAR), increasing the burden on organisations to provide their customers with their records in a shorter amount of time at no cost.
Therefore, handling DSARs in line with the GDPR’s requirements and ensuring that there is suitable evidence of processing a request can be a challenge for most organisations.
DSARs are becoming increasingly common, and failure to respond can lead to the data subject making a complaint to the Information Commissioner’s Office (ICO), which could result in serious fines and sanctions.
Under the GDPR, many organisations are required to appoint a DPO. Are you one of them? Find out what the DPO does, if you need to appoint one and how to fill the role in this easy-to-read guide.
This guide explains:
Learn about the key challenges of Data Protection Officers (DPOs) .
According to the IAPP (International Association of Privacy Professionals, as many as 75,000 new DPOs are now needed globally. However, being a relatively new role, there is a vast shortage of talented candidates and a lack of understanding as to what the role of DPO entails.
Finding the time to adequately execute the tasks and responsibilities could prove challenging. While a DPO must have access to all personal data processes and activities within the organisation, the complexity of the job role can often prove challenging.
GRCI Law is a legal, risk and compliance consultancy firm, advising clients in the fields of data protection, data privacy, cyber and information security law. We are at the forefront of developments in this constantly evolving, challenging and complex field.
To find out more about us and the services we offer, download our brochure.