CNIL – causes of reported data breaches (May – October 2018)

The CNIL (the French Data Protection Authority) received 742 notifications of personal data breaches (and see the original report in French) that affected over 33 million individuals located in France or elsewhere. 695 related to confidentiality breaches. The accommodation and food services sector had the highest number of breaches – 185. This is due to a specific case… Read More

Behind the scenes: Deleting data from Google

You click Delete and your data is gone… or is it? The IT infrastructure and services you use will not remove it straight away, as you may need to recover it if the deletion was accidental, or it may need to be retained to meet legal requirements. For Google users, there are details of their four-stage process… Read More

WADIFF Consulting help St Giles Trust get ISO27001 certification

St Giles Trust is a charity that helps ex-offenders and disadvantaged people to move their lives forward. Security requirements to obtain funding, and the expectations of partners, meant that ISO27001 certification to cover their six offices was becoming a ‘must have’ for the Trust. Where WADIFF Consulting make a difference Practical knowledge of implementing and… Read More

Don’t panic – stopping apps from accessing your emails

If you give an app access to your emails (and other data), it should come as no surprise that they use the access. And sometimes that could mean humans reading email contents, and possibly not for the expected reason. Here are ways to check who has access to your data in Google and Microsoft.com and… Read More

Password protecting your Word, Excel, PowerPoint and PDF files #MSOffice

A discussion about security measures with an SME I have been working with highlighted the need to provide some tips on how to protect files. They wanted to add passwords but were not sure of the best way to do this. So here is the way to do it in MS Office applications for Office365.… Read More

Legitimate Interests – 3 part test

Legitimate interests (LI) is one of the lawful bases for processing personal data. The ICO say it is appropriate “where you use people’s data in ways they would reasonably expect and which have a minimal privacy impact, or where there is a compelling justification for the processing”. The three parts to the test to identify a LI have been… Read More

Accountability and Governance – Documentation #GDPR #DPB

Details of documentation requirements for Accountability and Governance under the GDPR and Data Protection Bill are on the ICO website. A mind map has been created to act as a quick reference. Click on the image to view the full-size mind map. You can use the Checklist on the ICO website page to track what… Read More

Anyone talking about GDPR should include this slide! #ourGDPRstatus

It isn’t hard to find an event at the moment that is specifically about GDPR or includes sessions to cover different aspects of it. With so many companies talking about it and promoting products and services to help prepare for May 2018, you would think/hope they would be the ones that are well on their way… Read More

Things to consider when selecting a new office

Thinking of moving to a new location? Here are some security items you should consider when selecting your perfect office. Location Consider neighbourhood public health and safety issues Is there an unacceptably high incidence of crimes against people or property? Will employees feel safe walking alone at night? Do the police or other emergency services have… Read More

Why the Contact form had to go! #GDPR

We still want to be contacted so we can help businesses improve their information and cyber security, but from now on, please do it by email or by calling. Removing the website Contact form may seem extreme, but it eliminates a risk to personal data over which we have very little control. As everyone probably knows*, the… Read More