GDPR one year on
May 2019 marks the first anniversary since the General Data Protection Regulation came into force. What has changed in the world of privacy and data protection since then? BH Consulting looks at some of the developments around data breaches, and we briefly outline some of the high-profile cases that could impact on local interpretation of […]
BH Consultings guide to data classification
As information security professionals, we often face a challenge when trying to explain what we mean by ‘data classification’. So here’s my suggestion: let’s start by not calling it that. In my experience, the minute you call it that, people switch off. Our role should be to try to engage an audience, not scare them […]
Five data protection tips from the DPC’s annual report
The first post-GDPR report from the Data Protection Commission makes for interesting reading. The data breach statistics understandably got plenty of coverage, but there were also many pointers for good data protection practice. I’ve identified five of them which I’ll outline in this blog. Between 25 May and 31 December 2018, the DPC recorded 3,542 […]
No-deal Brexit and GDPR: here’s what you need to know
Business craves certainty and Brexit is currently giving us anything but. At the time of writing, it’s looking increasingly likely that Britain will leave the EU without a withdrawal agreement. This blog rounds up the latest developments on data protection after a no-deal Brexit. (Appropriately, we’re publishing on Data Protection Day, the international campaign to […]
Health research and the issue of consent
By 30 April of this year, any organisation conducting health research in Ireland must either get consent to GDPR standard or else obtain a consent declaration. But in order to do the former, they need to know what explicit informed consent is (also known as GDPR-level consent). The problem is, a lot of people don’t […]
Nine for 2019: New Year tips for cybersecurity and privacy professionals
A new year is almost upon us, and that means one thing: resolutions. Easily made, even more easily broken, they’re nevertheless a useful way of setting goals for the next 12 months. We asked Brian Honan, Tracy Elliott, Sarah Clarke, Valerie Lyons and David Prendergast to share their tips for information security practitioners and privacy […]
Yule never believe it: we sleigh the myth about GDPR and Santa
So we’ve all seen the jokes on WhatsApp and Facebook about Santa’s lack of GDPR compliance and how this would all be changed for Christmas 2018. You know the one: He’s making a list He’s checking it twice He’s gonna find out who’s naughty or nice Santa Claus is in contravention of article 4 of […]
Data protection impact assessments for health research: what’s changed under GDPR?
Since GDPR came into effect on 25 May this year, the health regulations have been updated to incorporate more stringent requirements around protecting personal information during healthcare research. The newly updated Health Research Regulations 2018 have raised the bar for carrying out a data protection impact assessment (DPIA). This post is the first in a […]
Beyond governance, risk and compliance: privacy, ethics and trust
We are currently experiencing the fourth industrial revolution (FIR), characterised by a blurred fusion of all things physical, digital and genomic. Each revolution has been accompanied by a privacy legislation wave, linking its governance to the accelerating pace of change. So we find ourselves in the fourth privacy wave, where technological changes outpace regulation – […]
Conference trick: how to choose worthwhile security and privacy events – and which to avoid
When I started out in my career, I always believed that speakers at conferences were ‘selected’ on the basis of their contribution to the profession. I believed that if someone was on a stage speaking to an audience, they had something important to say – and it was important for me to hear it. I […]