Articles

ADVISORY NOTE 10/2024 – Using Bcc To Send Bulk Emails

Background The Blind Carbon Copy (Bcc) function can be a useful tool when sending emails, as the recipients cannot see who else the email was sent to. It is often relied on when sending emails to a group of individuals so as not to reveal the recipients to one another (as would be the case … Read more

ADVISORY NOTE 03/2024 – charities, trustees & Data protection

Background The third sector is an integral part of the UK economy. With an annual income of £56bn and employment growing faster than other sectors, this is an opportune time for charities to look inwardly on themselves in terms of their compliance with data protection legislation. Charities can be global or national or small and … Read more

Practice Note: Staff Privacy Notices

Introduction 1.1 Individuals have the right to be informed about the collection and use of their personal data. This requirement is set out in the data processing principles found within Article 5 of the UK General Data Protection Regulation (UK GDPR); specifically, Principle 1, which requires processing to be lawful, fair and transparent). Articles 13 … Read more

ADVISORY NOTE 05/2023 – UK-US Data Bridge

BACKGROUND The UK’s Department of Science, Innovation and Technology (DSIT) recently announced that as from 12th October 2023, new UK legislation, namely the Data Protection (Adequacy) (United States of America) Regulations 2023 (SI 2023/1028) will allow businesses in the UK to transfer personal data to US organisations certified to the “UK Extension to the EU-US Data … Read more

ADVISORY NOTE 07/2022 – International Data Transfers

Update to Advisory Note 02/2022 published in February 2022 UK-based organisations sending personal data outside the UK or making it available toorganisations in other countries need to comply with the rules on international transfers.In some cases, as this document will explain, it may be necessary to enter into a contract toprovide safeguards for such transfers … Read more

ADVISORY NOTE 06/2022 – National Data Opt-Out

The national data opt-out is a service that allows patients to opt out of their confidential patient information being used for research and planning purposes. in line with the recommendations of the National Data Guardian in her Review of Data Security, Consent and Opt-Outs. The deadline for health and care organisations to comply with the … Read more

  • Certified Information Systems Auditor
  • Certified Information Security Manager
  • Certified Information Systems Security Professional
  • In association with National Cyber Security Centre
  • Cyber Essentials
  • Cyber Essentials Plus
  • IASME Cyber Assurance - Level Two
  • IASME Cyber Assurance - Level One
  • An ISO 9001:2015 Certified Company
  • Official Supplier to National Care Association