Business Are there correct ways to respond to a GDPR subject access request?…By Martin Kayes, CISSP When a company receives a GDPR subject access request (SAR), they are legally obligated to respond promptly and appropriately to…
Business What you shouldn’t do when responding to a SAR…By Martin Kayes, CISSP When responding to a SAR you must consider whether the information you hold includes the personal details of, or infers…
Regulations What are the Lawful Bases of the GDPR and how do they apply to your business?…By Martin Kayes, CISSP There are 6 lawful bases for processing personal data under the UK GDPR (General Data Protection Regulation); the lawful bases…
Business You’ve suffered a data breach, now what?…By Martin Kayes, CISSP If your company experiences a data breach involving personal data, you are required to notify the Information Commissioner’s Office (ICO)…