The key to being successful at data privacy is awareness: of what you’ve got and what you do with it.
Much has been made of GPDR Article 30, which talks to the requirement to maintain a Written Record of Processing. This sounds grandiose, but in fact it can be simply described as “writing down what you do”.
The first thing to say is that for most* organisations under 250 people, it isn’t mandatory. However, life is made ...Continue Reading →