GDPR Starter Kit helps xWave Technologies to get compliant and build customer trust as it scales
Company background Referring patients for digital imaging is a complex process for many doctors, consultants, and GPs. xWave Technologies is a healthcare start-up that set out to solve challenges in efficiency, transparency, and accountability of existing radiology process. It developed xRefer, an easy-to-use cloud platform that lets clinicians quickly find the most appropriate scan to […]
CCTV & Surveillance: Insights from the DPC annual report for Irish Local Authorities
State sector surveillance as well as local authorities’ use of CCTV cameras was a key focus for the DPC in 2020 as highlighted in the recently published DPC annual report. Nine local authorities were involved in these inquiries and two decisions were issued during 2020. These inquiries highlighted various weaknesses within CCTV systems, including the […]
BH Consulting webinar looks at EU data transfer fallout from Schrems II
In our latest webinar, we looked at the EU data transfer fallout from Schrems II. Any company transferring data outside the EU needs to identify any risks arising from international transfers to ensure it can comply with EU levels for protecting personal data. That was one of the key conclusions from BH Consulting’s webinar about […]
What’s changing for Standard Contractual Clauses?
For organisations needing to transfer data internationally, Standard Contractual Clauses (SCCs) are one option for staying compliant with the GDPR. But following the Schrems II ruling last summer, SCCs have been upgraded. In the third blog in our series on the CJEU ruling, Sarah Clarke looks at what’s changing for SCCs. SCCs are one of […]
Lessons for Irish DPO’s from the DPC’s Twitter fine decision
So, the day everyone in Ireland with a passing interest in data protection has been waiting for finally arrived yesterday. December 15th, 2020 brought an early Christmas present for us all as the Data Protection Commission published its first decision into the data processing activities of one of the many multinational companies based in Ireland. […]
International Transfers – Understanding the EDPB Guidance
The European Data Protection Board (EDPB) has issued its anticipated recommendations that describe how controllers and processors transferring personal data outside the European Economic Area (EEA) may comply with the ‘Schrems II’ ruling from now on. This is the second blog in our series on the evolving international transfers landscape following the Court of Justice […]
Is California’s new privacy law just an Act? (CPRA)
When the California Consumer Privacy Act (CCPA) became effective on 1 January 2020, California became the first U.S. state with a consumer privacy law. According to the State’s attorney general, CCPA “gives consumers more control over the personal information that businesses collect about them”. On 3 November 2020, Californians then voted in favour of Proposition […]
Lawful processing after Schrems II – a practical guide for continued compliance
The fallout from the European Court of Justice (CJEU)/Schrems II ruling on the validity of the US/EU Privacy Shield continues to have an impact on organisations. The ruling makes it challenging to transfer data to countries where equivalent data protection is not possible, leaving companies with the difficult task to find a defensible position for […]
Eight tips for dealing with international data transfers without Privacy Shield
For many organisations, the international transfer of data is essential to running their business and the recent CJEU ruling (also called Schrems ruling) will have had a significant impact on organisations operating outside the EEA. This is the first in a series of blogs exploring what this decision means for you. BH Consulting will analyse […]
Today’s ECJ Privacy Shield ruling
Today, July 16, the European Court of Justice (ECJ) ruled that the agreement to allow data transfer between the EU and the United States, known as Privacy Shield, is no longer valid. Under Privacy Shield, US intelligence services had access to this data for national security reasons but the EJC’s decision has struck out the […]