Loading

Tag: UK

Tag: UK

UK-US Data Bridge heralds a new era of transatlantic data flow

Alongside the EU- and Swiss-US Data Privacy Frameworks, the implementation of the UK-US Data Bridge heralds a new era of transatlantic data flow, emphasizing the importance of data protection.   On 12th October 2023, a significant milestone was achieved as the UK-US Data Bridge officially became law, marking a new era of transatlantic data flow.

Guidance on international transfers from the ICO

The UK’s ICO has published guidance on international transfers for businesses and organisations which process personal data.   In the aftermath of the publishing of the International Data Transfer Agreement (IDTA) and the Addendum to the European Union Standard Contractual Clauses (SCCs), the ICO has published guidance on international data transfers. This guidance includes a

UK Department for Education reprimanded by the ICO

The ICO has issued a reprimand to the UK Department for Education, relating to the misuse of personal information of children.   Following an investigation into the use of a database of pupils’ learning records by Trust Systems Software UK Limited, the ICO believes this to be a case of poor diligence on the part

Live marketing phone calls: Guidance from the ICO on remaining in compliance with PECR

The ICO released guidance on making live marketing phone calls, to help organisations remain in compliance with the PECR.   The ICO has released guidance for organisations on live phone calls made for marketing purposes, to help organisations to remain in compliance with the Privacy and Electronic Communications Regulations (PECR), also known as ePrivacy Regulations.

Illegal profiling and predatory marketing calls lead to a fine of £1.48 million for Easylife

Easylife was fined £1,480,000 for illegal profiling and predatory marketing calls which resulted in several complaints to the ICO.    The ICO has fined Easylife Ltd £1,350,000 for using the personal information of 145,400 customers to target them with health-related products after predicting their medical conditions based on previous purchases without their consent. The company

Data Access Agreement comes into force between the UK and the U.S

The UK and the U.S. have recently signed a Data Access Agreement to aid the respective countries in combating crime.    An agreement came into force on October 3rd, 2022 between the Government of the United Kingdom and the Government of the United States. The Agreement focuses on the access to electronic data for the

Subject access requests left unanswered lead to several reprimands

Unanswered subject access requests have lead to reprimands for seven organisations from the ICO.  The UK’s Information Commissioner’s Office (ICO) has taken action against seven organisations which have failed to respond to members of the public when presented with a Subject Access Request (SAR). Under the UKGDPR, individuals should be able to request from an

ICO marks the anniversary of the Children’s Code

ICO marks the anniversary of the Children’s Code: “Children are better protected online in 2022 than they were in 2021.”   The Children’s Code was implemented in September 2021 and has led to major changes in children’ access to online services, including adverts and profiles. The Children’s Code, which revolutionised how children are treated in

Dealing with Data Protection Complaints as a Small Business

The ICO has published a guide for businesses on dealing with data protection complaints.   At times, simply  having data protection policies in place is not enough. Handling the data of customers, employees, and contractors can be a sensitive process and must be handled as such. There are times when businesses may experience data breaches

Unlawfully obtaining personal data results in the prosecution of former Health Advisor

A former Health Advisor pleaded guilty to, and was prosecuted for unlawfully obtaining personal data, and was ordered to compensate his victims.    A former Health Advisor has been prosecuted for obtaining the personal data of service users, particularly patients of South Warwickshire NHS Foundation Trust. He was found guilty of accessing the medical records