Data Protection Commission Ireland

What are the principles of data security under the GDPR? Access Control - A data controller has a duty to limit access to personal data on a "need to know" basis, with greater access limitations or controls applying to more sensitive data. Read our guide on Data Security here: https://lnkd.in/ey9hgxUB

🗃 Case Study After withdrawing a loan application, the complainant in this case wrote to the bank stating that they were withdrawing consent to the processing of any personal data held by the bank relating to the application and requesting the return of all documents containing the complainant’s personal data. 👉 https://lnkd.in/eHUWEXjd

GDPR Myths - From hairdressers to fire brigades, and paramedics to community CCTV schemes. In this podcast, Head of Communication Graham Doyle, looks at some of the myths around the GDPR: https://lnkd.in/esSqqmAp

What are the principles of data security under the GDPR? Data Collection and Retention Policies - Holding any personal data presents security risks. A data controller should always know what data it holds, where it is held and how it flows through the organisation. Read our guide on Data Security here: https://lnkd.in/ey9hgxUB

🔎 Case Study Following a complaint to a professional regulatory body, the complainant in this case alleged that the regulatory body had inaccurately recorded personal data relating to them in the minutes of a meeting and in a letter to a third party. 👉 https://lnkd.in/eRymAC_g

As technology advances, cameras in the home are becoming more common. In this podcast, we look at some of the queries we receive relating to CCTV at home: https://lnkd.in/dN6BrMAT

What are the principles of data security under the GDPR? The Law - The GDPR places an obligation on organisations to implement data protection by design and default and appropriate technical and organisational measures to ensure a level of security appropriate to the risk. Read our guide on Data Security here: https://lnkd.in/ey9hgxUB

📚 Case Study The complainant in this case was a borrower from a credit union. The credit union disclosed the name, address, former address, family and employment status of the complainant to a private investigations firm with the intention of locating and communicating with the complainant regarding arrears on a loan. 👉 https://lnkd.in/euhphr-N

🎧 In this podcast, DPC Head of Communications Graham Doyle looks at contacting organisations on behalf of someone else and the issues that you can run into if you are not the account holder. Listen here 👉 https://lnkd.in/eWg8upt3

What are the principles of data security under the GDPR? The increasing amounts of personal data processed and held gives rise to security challenges for the organisations that collect that data. In this guidance note we identify certain issues that data controllers and data processors should consider when developing their security policies. Read our guide on Data Security here: https://lnkd.in/ey9hgxUB