If you’ve ever thought ‘we’ll slightly delay the newsletter so we can cover this new bit of news, then we’ll close it off’, don’t do that… the torrent never stops!…
They say third time’s a charm. Well, the UK’s GDPR Reform Bill, the DPDI, is back. On 7 November King Charles gave the King’s Speech, setting out the government’s agenda…
There’s a lot of discussion about the effect on DPOs of the senior responsible individual (SRI) under the UK’s GDPR reform bill, DPDI 23. We’ll give you our view in…
This article was first published in Thomson Reuters Regulatory Intelligence on 6 November 2023 and is the personal view of the author, Robert Baugh. Subscribers link. Free trial link. A potentially…
It’s Keepabl’s 6th birthday! I founded Keepabl on 2 November 2017. It’s been a crazy 6 years with ups and downs – and ups – I couldn’t have predicted. In…
We are excited to announce that Keepabl will again be present at this year’s second Privacy Space event in November. Not only that, we’re very proud to continue our 100%…
Privacy Shield, the adequacy decision under EU GDPR for transfers to the USA, fell on 16 July 2020. On 10 July 2023, three years later, the EC announced the EU-US…
We’ve lots of practical news for you again this month on the consistent themes of children, biometrics, AI, transfers and enforcement with some news on processing agreements (the other DPA).…
This article was first published in Thomson Reuters Regulatory Intelligence on 20 September 2023 and are the personal views of the author, Robert Baugh. Subscribers link. Free trial link. Biometrics have…
In a world where we’re more connected than ever, we understand the importance of effective communication, especially for groups and international businesses. Keepabl is committed to making our Privacy Management…
We’ve had a bumper month of announcements and action. As always, we’ve curated the news that has the most practical impact on operationalising Privacy at your organisation. We’ve practical updates…
You may have noticed we skipped our July newsletter covering June, apologies, so here’s a summer bumper edition! As always, so much to talk about with the new Privacy triumvirate…
Data Subject Rights or DSRs have been around for decades, but GDPR massively reinforced and extended them when it took effect in 2018 – five years ago now. Laws around the…
10 July 2023: EC adopts adequacy decision for the EU-US Data Privacy Framework! Here’s the announcement and here’s the 137-page DPF adequacy decision. The decision concludes that the United States…
Much of the 4 July 2023 decision by the European Union’s highest court is worth digging into. Stick with us for a longer read. We’ll start with the key points…
The Keepabl team is so proud to announce that Privacy Kitchen® has surged past a significant milestone, with over 4,000 subscribers! Thank you! As we celebrate this incredible achievement,…
Facebook (OK, Meta) just lost out big time with a fine of €1.2bn and orders to suspend transfers of personal data on EEA users to the USA within 5 months…
We’re one of the very few solutions named to the global RegTech100 for 3 years running so we were delighted to be selected to demo our Privacy Management Software at…
Children’s data increasingly in focus: UK ICO fines TikTok £12.7 million for GDPR breaches This article was first published in Thomson Reuters Regulatory Intelligence on 12 April 2023. Subscribers link.…
Which is the better hashtag to use on LinkedIn: #breach or #databreach #privacy or #gdpr? Before you read on, take a moment to think of your answer. Surprisingly #databreach has…
Spot check! Within 30 seconds, can you show us a list of all the entities involved in your organisation’s personal data processing, plus have them separated out by role, and…
Well, with previous regulators and commentators coming down on either side, and on the fence, over the DPF, no-one said the passage of the EC’s draft adequacy decision would be…
We’ve always believed that the Data Protection Officer (or DPO) is a very misunderstood role. It’s why we created these 3 great Privacy Kitchen videos [YouTube cookies and Privacy Policy…
We’re delighted to announce that Microsoft’s Azure AD joins Keepabl’s stable of supported Identity Providers for provisioning and managing your users in Keepabl through Single Sign-On with your favourite IdP!…
It’s back! The Year in Privacy Hurdles burst onto the scene at the end of 2021, bringing together the big action in Data Protection in the UK and EEA…
We were delighted to be joined in Privacy Kitchen by Chris Taylor, the UK ICO’s Head of Assurance whose team set up the ICO Sandbox, manages the ICO’s guidance and…
Privacy Space has burst onto the live event scene for data protection practitioners and – let’s face it – Privacy geeks. It was created as “an initiative that aims to…
SCARE ALERT! This Halloween, we’re aware that many are still using Excel to manage Privacy. Now, we love Excel and you can upload and download Excel in Keepabl, but there’s…
How do you benchmark your Privacy compliance? If you’re covered by GDPR, even if you’re not in the UK, there’s a good chance you’re thinking of the popular, gold-standard benchmark…
The UK government claims that the reforms in the draft UK Data Protection and Digital Information Bill, published by the government on 18 July 2022, will reduce ‘the burdens on…
Let’s answer the question up front: nowhere in UK or EU data protection law is it written that you have to call any document a Privacy Policy or Privacy Notice.…
Four years after application, GDPR is embedded in business as usual but it’s still seen as complex and difficult for those managing Privacy within organisations – Cisco says 90% of…
Let’s take a look at the key areas in the government’s response to the DMCS consultation and – if they get through into law – what changes, challenges or opportunities…
What is ESG? ESG, or Environmental, Social and Corporate Governance, is the evaluation of a company’s commitment to improving environmental and social factors and the governance part, reporting on them…
Managing Privacy can be tough, and for those who’ve been given GDPR as part of their daily work – someone in IT, Ops or Compliance 90% of the time as…
Why GDPR? The GDPR applied from 25 May 2018 to harmonise data protection law across the EU. It replaced the old 1995 EU Data Protection Directive – which each member…
Why Privacy Kitchen? Through all our market interactions since our launch in 2017, we kept seeing 3 very big issues for Privacy compliance. #1 Most people dealing with GDPR for…
EP Committee publishes draft resolution rejecting Draft Adequacy Decision on DPF, 14 February 2023 Well, with previous regulators and commentators coming down on either side, and on the fence, over…
The Schrems II decision came out nearly 2 years ago, on 16 July 2020. Given the enormous data flows from the EEA and UK to the USA, and many unanswered…
We’re all super excited at Keepabl – Thursday 3 March 2022 saw our biggest product release day ever, and the culmination of two key projects that have taken the best…
Update September 2022 There have been various other decisions from EU regulators since we wrote the blog below – all holding Google Analytics in the form reviewed was illegal under…
Venture Capital investors invest a finite sum of money into a finite number of businesses and aim for one portfolio company to ‘return the fund‘. It’s just the way the…
With any group of companies – or any other group structure – there are 7 GDPR Traps we see in the market. The good news is, they’re all easily solvable.…
We’re super excited here at Keepabl with our shiny new datacenter, solving for the Schrems II decision. And it comes with our shiny new front end, which we’ll be writing…
Aware of the stress that comes with working during a global pandemic, this year we’ve tried extra-hard to make things easier on the GDPR front in the way of product…
Keepabl now supports Single Sign-On (SSO), one of the pillars of Identity and Access Management (IAM) and best practice in securing your SaaS solutions. The 3 Fundamentals of IAM…
Article 6 GDPR contains 6 legal bases – easy to remember! Which is good as they’re super important: if you can’t rely on one of them for your processing, it…
The fifth annual RegTech100 was announced today by specialist research firm RegTech Analyst. Regarding Keepabl’s inclusion, RegTech 100’s Director of Research, Mariyan Dimitrov says: ‘We’re delighted to welcome Keepabl into…
Times Higher Education is the world-famous provider of insights on all things Higher Education, with almost 5 decades of experience. Their data and benchmarking tools, and their consultation offerings, are…
On 10 September 2021, the UK’s Department for Digital, Culture, Media & Sport (DCMS) launched Data: a new direction, a consultation seeking responses on a wide range of proposed changes…
We’ll look at 7 Decision Factors, both pros and cons, to help you make that decision, and explore a really interesting alternative. Let’s be positive and start with the 2…
A recent KPMG study, surveying 2,000 adults and 250 business leaders in the USA, reveals fascinating – and worrying – insights into how corporate data practices and consumer expectations are shifting. …
Breach of the Principles can lead to the highest fine under GDPR, namely the higher of 4% of global turnover or €20m under EU GDPR, £17.5m under UK GDPR. That’s…
St Giles Trust empowers people who are not getting the help they need, using their expertise and real-life past experiences. Between 2019 and 2020, the charity helped over 20,000 people,…
David Clarke, a very experienced UK-based Privacy and Security consultant working with public and private organisations of all sizes, was suitably impressed when he recently used Keepabl’s Privacy Management software…
In November 2020, the Financial Conduct Authority (FCA) warned firms to be responsible when handling client data, noting that: “Before transferring clients’ personal data, firms should consider whether this is…
Our award-winning Privacy SaaS is now available for purchase on Finastra’s FusionStore, allowing a wider range of Financial Services firms to benefit from GDPR compliance. Finastra’s Fusion Store allows Finastra’s…
Now is the perfect time to get your GDPR-house in order. Why? Well, read on! The UK’s opening back up 19 July 2021 is set to be the day…
We’re delighted that Secuvy, the leading Data Privacy and Security platform with integrations from over 200 Cloud Applications, Databases and Fileshares has joined the Privacy Stack! Here’s why Data Discovery…
Let the bells ring out, it’s Adequacy Day! 28 June 2021 and the European Commission formally adopted two adequacy decisions in favour of the UK – one under EU GDPR…
On 12 May 2021, the NHS announced the ‘General Practice Data for Planning and Research (GPDPR)’, daily collection of GP data to support vital health and care planning and research…
Well, that was a year! The thing with GDPR, is that it’s always so intense that you have to live in the moment, and it’s too easy to forget what…
Original posted on FinTECHTalents on 6 April 2021 The following is the first in a six part part series on GDPR & Financial Services from Keepabl. Keepabl will review how…
Watch the video on Privacy Kitchen! We’re very grateful to Copenhagen Business School for the opportunity to share this excellent interview by their Associate Professor, Pedro Telles, for CBS’s students. …
We’re about to build our DSR solution, integrated within our award-winning SaaS solution – and we want to hear from you first! Take our 9-question survey to become a ‘Roadmapper’…
Article 30 Records vs RoPA vs Asset Register vs Data Map Does it matter what you call it? Oh heck, yes. I mean, was Boba Fett in Star Trek? Article…
‘I need the Article 30 Records please’ If you believe some surveys, that request is a walk in the park for most organisations, given reported compliance with GDPR. We don’t…
We know you need to check the business case for any new solution in the best of times, but it’s critical now. So we’ve collated tons of useful material here…
The UK ICO’s detailed report on the 2,629 personal data breaches reported to it in Q1 2020 shows a startling fact: more breaches happened from mis-sending emails, faxes and mail…
GDPR’s just turned 2 – here’s our overview 25 May 2020 went past with a whisper compared to 25 May 2018. GDPR entered the ‘terrible two’s at a time when…
We’re delighted to announce the launch of Privacy Kitchen, your FREE video help on GDPR and all things Privacy. If you’re looking after GDPR compliance for your organisation, I bet…
Google’s recently announced that – due to Brexit – it’s changing data controller for UK users from Google Ireland to Google USA. This has led to some alarmist reporting. What’s…
Many organisations and advisers are looking for a clear, achievable way to demonstrate GDPR compliance status to the board and customers. Even better if it shows them the way to…
TL;DR A recent survey highlights the ethical dilemmas that arise from being an in-house lawyer. Robert Baugh, our lawyer-founder, believes these same dilemmas are being felt, and will continue to…
Trick question: is it legal for a national postal service to guess your political opinions from what they know about you, such as age and address, and sell that data…
Keepabl turns 2 on 2nd November 2019! Amazing to think we’ll be 2 years old tomorrow – the years have disappeared almost as quickly as this cake! It’s a great time…
Our experience is that, after the last 18 months working on spreadsheets to manage GDPR, many organisations are now looking for SaaS to bring its many benefits to ongoing GDPR…
All MSPs wanted to know about GDPR but were afraid (or just didn’t want) to ask! Join MSP thought leader and IT services consultant Richard Tubb, as he interviews our…
CompTIA’s unconference session, CompTIA UK Community meetup, Bristol, June 2019. The ‘unconference’ session is always a highlight of CompTIA Community meetups, and Bristol 2019 was no different. So much great…
Teacher’s report is in! Out of 10, how’s the first year of GDPR really gone? [This article originally appeared in Lexology on 10 June 2019] The European Commission created an…
The Privacy Stack Here at Keepabl, we often say that the Privacy sector, kickstarted into life by GDPR in 2018, is 30 years behind Security as a practice and industry. …
On 21 January 2019, the French Data Protection Authority (CNIL) hit Google LLC with an incredible fine of €50m. Implications of the decision for online account management and marketing will…
Why we’re doing the BPM Index. We created the BPM Index, and we’re maintaining and publishing the BPM Index, because we exist to help organisations (public and private) with their compliance. …
22 – yes 22 – lists of when a data protection impact assessment, or ‘DPIA’, is and isn’t required have been reviewed by the European Data Protection Board (the ‘Board’). The…
In a very welcome speech on 12 September 2018 to the CBI Cyber Security: Business Insight Conference, James Dipple-Johnstone (ICO Deputy Commissioner, Operations) summarised the UK ICO’s approach to security under GDPR and…
The GDPR only passed on 25 May 2018 and the Dutch DPA is now checking to see if businesses are complying with one of the most fundamental ongoing requirements: maintaining…
The enormous – and enormously valuable – flow of personal data from the European Economic Area to the world’s largest economy, the USA, is again at existential risk. This alone…
According to new findings from a Cordium and AmberGate survey, more than half of investment firms are unlikely to be ready for the European Union’s new General Data Protection Regulation…
Our latest Cordium Insights webinar outlines: best practices for assessing data processing, storage, and protection policies, tips for identifying and remediating control gaps and weakness and on how to develop…
Robert Baugh of Keepabl is a leading expert on GDPR and a consultant to companies where data protection and the management of confidential and sensitive data is paramount. Only two…