£120k fine for TV company for data protection breaches at maternity clinic

tv production company fined by ico

The ICO has issued a fine of £120,000 to True Visions Productions for breaches of data protection legislation. The case involves the company recording patients at a maternity clinic at a Cambridge hospital. They set up CCTV style cameras to record patients in the clinics. None of the footage that was recorded was viewed by any …

Read more£120k fine for TV company for data protection breaches at maternity clinic

Have you suffered as a result of a data breach? You may be due compensation

have you suffered due to a breach

Slightly reminiscent of the “have you had an accident at work that wasn’t your fault” campaigns of injury lawyers, a law firm in Widnes has filed a lawsuit against Ticketmaster in relation to a security breach it suffered on the Live Nation website last year. Hayes Connor Solicitors are asking for anyone affected by the …

Read moreHave you suffered as a result of a data breach? You may be due compensation

£145k fine for data sharing process failings

ICO fine council for gang matrix breach

In April 2019 the ICO issued a fine for £145,000 to the London Borough of Newham for unlawfully disclosing personal data of more than 200 individuals who were featured on the Metropolitan Polices “Gang Matrix” intelligence database. The data in redacted and unredacted forms were shared with 44 recipients including external organisations and voluntary agencies. It’s …

Read more£145k fine for data sharing process failings

Data ethics – why data processing is about more than data protection

the rise in ai and data protection and data ethics

When we talk about the processing of data we usually think about data protection or the GDPR and how it applies to the lawful processing of the data. Of course, data protection regulation is all about the processing of personal data, data that can identify an individual, and whilst some of the complexities of data …

Read moreData ethics – why data processing is about more than data protection

Are you being asked to sign model clauses because of Brexit?

signing model clauses because of brexit

As the Brexit turmoil continues in the UK with the UK government still to agree on an appropriate way forward, EEA businesses are gearing up for a no-deal Brexit. When that comes to data protection, as we’ve discussed before, Brexit, particularly a no-deal Brexit could have implications for your businesses if you’re processing EU citizen’s data …

Read moreAre you being asked to sign model clauses because of Brexit?

First GDPR fine in Poland for breach of Article 14 of the GDPR

GDPR fine for Article 14 breach

The Polish data protection authority (UODO) has fined a company PLN943k (about £188k) for failure to inform data subjects about how they came to have their data and how they were planning on processing it (Article 14 of the GDPR). Article 14 is part of the GDPR’s “right to be informed” provisions that require you …

Read moreFirst GDPR fine in Poland for breach of Article 14 of the GDPR

What’s new on the Hub: April 2019

Digital Compliance Updates

Here’s an overview of new content and features added to the Hub in the last month New maintaining compliance content Overview of expectations around maintaining compliance and being able to demonstrate it Maintaining compliance checklists Data compliance health check interactive checklist Data protection audits An article on data protection audits Brexit and data protection An …

Read moreWhat’s new on the Hub: April 2019

Pension company fine highlights perils of bad advice and non-compliance

ICO fines company for unsolicited emails

Grove Pension Solutions Ltd has been fined £40,000 for sending just over 2 million unsolicited emails. What’s interesting about this case is that a third-party was used to send the emails making use of hosted marketing campaigns. They even checked with a data protection expert and lawyer before instructing the marketing program to be carried …

Read morePension company fine highlights perils of bad advice and non-compliance

Small businesses at greater data and cyber-security risk

small businesses not doing enough to protect cyber security

According to the Would you be ready for Cyber Attack? report from Business in the Community small businesses are not investing as much time or money into their own cyber-security as medium size businesses. The report also makes the point that often small and medium businesses can be a threat to the security of larger businesses …

Read moreSmall businesses at greater data and cyber-security risk

ICO fines Vote Leave for marketing consent failings

ICO fines vote leave for marketing consent failings

Vote Leave has been fined £40,000 by the ICO for sending over 196,000 unsolicited text messages in the run up to the 2016 Brexit referendum. The enforcement has been actioned as a breach of the Privacy and Electronic Communications Regulations (PECR) which regulate (amongst other things) direct marketing activities. Specifically PECR requires organisations to have …

Read moreICO fines Vote Leave for marketing consent failings