Five hundred charities breach GDPR

More than 500 data breaches were filed by Charities last year according to England’s Information Commissioner. The figures are revealed in the body’s latest annual report. It says it received 11,854 reports of personal data breaches from all sources during the year to the end of March, down from 13,840 in the previous year. Charities […]

RNID announces that all staff will work remotely from September

RNID will permanently close its offices and move all staff to remote working from 1 September, the charity has said. Harriet Oppenheimer, the charity’s deputy chief executive, argued that the decision was the best way to ensure that employees are “connected and work productively”. She announced the change last week during an online debate organised […]

Three years of GDPR: the biggest fines so far

It’s been three years since the introduction of Europe’s data privacy and security law on 25 May 2018. GDPR governs the way organisations that operate within the EU can use, process and store consumers’ personal data. At first smaller firms and start-ups feared they did not have adequate resources to fully comply with its rules. […]

Facebook faces mass legal action over data leak

Facebook users whose data was compromised by a massive data leak are being urged to take legal action against the tech giant. About 530 million people had some personal information leaked, including, in some cases, phone numbers. A digital privacy group is preparing to take a case to the Irish courts on behalf of EU […]

What are the GDPR Password Requirements?

The new General Data Protection Regulation (GDPR) which comes into force in May 2018 does not outlaw the use of a simple username and static password system for accessing personal data, but GDPR does state that data access procedures need to be secure. More specifically, the law states in Article 32(1) “the controller and the […]

Dartington Hall Estate dossier ‘breached data protection rules’

A country estate breached data protection laws when it listed a campaigner as an Extinction Rebellion supporter, a data watchdog has said. Devon’s Dartington Hall Estate published a dossier of group members campaigning to stop development on its land, including personal information. The Information Commissioner’s Office (ICO) said it “infringed” data laws by naming a […]

Late Reporting of GDPR Breach Results in €475,000 Penalty for Booking.com

Booking.com has been penalised and fined to the tune of €475,000 ($560,000) after being found guilty of failing to report a data breach within the time period set down by the European Union’s General Data Protection Regulation (GDPR). The GDPR breach took place during 2018 in the United Arab Emirates (UAE) when telephone scammers targeted […]

Data breach punishments and question what they might mean for the charity sector

Organisations of all kinds – and that includes charities – can face heavy fines if they suffer data breaches leading to the loss or exposure of confidential information. The negative publicity and the financial penalty following a data breach are bad for businesses, but for charities they can be devastating. That’s because of the loss […]

Scottish council apologises for data breach

Scottish Borders Council has apologised ‘unreservedly’ for a data breach affecting 600 customers. The council had been contacting residents that were eligible for a payment, but three emails were sent to multiple individuals where all recipient email addresses were visible. A Scottish Borders Council spokesperson said: ‘We would like to apologise unreservedly to all our […]

Mitigating information security risks during lockdown

Many staff have had to adapt to new ways of working in response to the current Covid-19 situation, which has seen increased home working as staff adjust to new ways of working or take on new roles. Working practices have had to change in response, changes which bring about new opportunities but also risks. Local […]