bickster Posted September 29, 2023 Moderator Share Posted September 29, 2023 1 hour ago, Xela said: Saw GDPR title thread and knew Bicks would be all over it like a hungry dog eating sausages. Wasn't disappointed. You know you're gonna start him off mentioning sausages Link to comment Share on other sites More sharing options...
Rds1983 Posted September 30, 2023 VT Supporter Share Posted September 30, 2023 Interesting timing with this thread for me. I've just done a sideways move at the Bank from auditing supplier's GDPR controls and compliance (among many other things) to being a full time data privacy manager. 1 Link to comment Share on other sites More sharing options...
Rds1983 Posted October 4, 2023 VT Supporter Share Posted October 4, 2023 Following the ICO virtual conference yesterday they've published some guidance I'm sure some of you might find interesting: https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2023/10/ico-publishes-guidance-to-ensure-lawful-monitoring-in-the-workplace " If an organisation is looking to monitor workers, it must take steps including: Making workers aware of the nature, extent and reasons for monitoring. Having a clearly defined purpose and using the least intrusive means to achieve it. Having a lawful basis for processing workers data – such as consent or legal obligation. Telling workers about any monitoring in a way that is easy to understand. Only keeping the information which is relevant to its purpose. Carrying out a Data Protection Impact Assessment for any monitoring that is likely to result in a high risk to the rights of workers. Making the personal information collected through monitoring available to workers if they make a Subject Access Request (SAR)." Link to comment Share on other sites More sharing options...
bickster Posted October 4, 2023 Moderator Share Posted October 4, 2023 1 hour ago, Rds1983 said: Following the ICO virtual conference yesterday they've published some guidance I'm sure some of you might find interesting: https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2023/10/ico-publishes-guidance-to-ensure-lawful-monitoring-in-the-workplace " If an organisation is looking to monitor workers, it must take steps including: Making workers aware of the nature, extent and reasons for monitoring. Having a clearly defined purpose and using the least intrusive means to achieve it. Having a lawful basis for processing workers data – such as consent or legal obligation. Telling workers about any monitoring in a way that is easy to understand. Only keeping the information which is relevant to its purpose. Carrying out a Data Protection Impact Assessment for any monitoring that is likely to result in a high risk to the rights of workers. Making the personal information collected through monitoring available to workers if they make a Subject Access Request (SAR)." There seems to be absolutely nothing new in there. It all seems exactly as you’d think it was. Thanks for sharing though. Link to comment Share on other sites More sharing options...
Rds1983 Posted October 4, 2023 VT Supporter Share Posted October 4, 2023 52 minutes ago, bickster said: There seems to be absolutely nothing new in there. It all seems exactly as you’d think it was. Thanks for sharing though. I think it's more reiterating their stance and clarifying it again. There's a definite increase in firms wanting to do stuff like this so their keen to make sure firms don't cross the line as a lot of non DP people won't even consider the risks. 1 Link to comment Share on other sites More sharing options...
Rds1983 Posted November 15, 2023 VT Supporter Share Posted November 15, 2023 I'm curious how many People on the site have read the updated DPN or if I'm the only one? Link to comment Share on other sites More sharing options...
bickster Posted November 15, 2023 Moderator Share Posted November 15, 2023 13 minutes ago, Rds1983 said: I'm curious how many People on the site have read the updated DPN or if I'm the only one? Did you compare it to the last one and identify the changes? I did skip read it last night as I was in need of a solution to get me to sleep 1 Link to comment Share on other sites More sharing options...
limpid Posted November 15, 2023 Administrator Share Posted November 15, 2023 35 minutes ago, Rds1983 said: I'm curious how many People on the site have read the updated DPN or if I'm the only one? It's a privacy policy. \What does DPN stand for? Link to comment Share on other sites More sharing options...
Rds1983 Posted November 15, 2023 VT Supporter Share Posted November 15, 2023 36 minutes ago, bickster said: Did you compare it to the last one and identify the changes? I did skip read it last night as I was in need of a solution to get me to sleep Of course and I can see the change about Google analytics. Spoiler Not really. Limpid kindly told me in a DM as I'd asked him a question on it. I'm ashamed to say I hadn't read it before. Didn't know about Data Privacy when I joined the site and hadn't really considered it for here since. Link to comment Share on other sites More sharing options...
bickster Posted November 15, 2023 Moderator Share Posted November 15, 2023 21 minutes ago, limpid said: It's a privacy policy. \What does DPN stand for? Decentralised Private networks in my book It's another of those terms that has crept into some peoples usage erroneously, see also DSAR when it's SAR 1 Link to comment Share on other sites More sharing options...
Rds1983 Posted November 15, 2023 VT Supporter Share Posted November 15, 2023 Just now, bickster said: Decentralised Private networks in my book Data Privacy/Protection Notice. More formal way of saying the Privacy Policy and what they're called at work so is force of habit for me. It's also quicker to type. Link to comment Share on other sites More sharing options...
bickster Posted November 15, 2023 Moderator Share Posted November 15, 2023 1 minute ago, Rds1983 said: Data Privacy/Protection Notice. More formal way of saying the Privacy Policy and what they're called at work so is force of habit for me. It's also quicker to type. Yes but the point is that DPN actually already stands for something else Link to comment Share on other sites More sharing options...
rjw63 Posted November 15, 2023 Share Posted November 15, 2023 On 30/09/2023 at 07:42, Rds1983 said: Interesting timing with this thread for me. I've just done a sideways move at the Bank from auditing supplier's GDPR controls and compliance (among many other things) to being a full time data privacy manager. So that's why you're on VillaTalk all day. 1 Link to comment Share on other sites More sharing options...
Rds1983 Posted November 15, 2023 VT Supporter Share Posted November 15, 2023 23 minutes ago, bickster said: Yes but the point is that DPN actually already stands for something else Every three letter acronym has a multitude of meanings depending on the context. They're often potentially linked to which causes headaches. Link to comment Share on other sites More sharing options...
Rds1983 Posted November 30, 2023 VT Supporter Share Posted November 30, 2023 https://iapp.org/news/a/uk-gdpr-reforms-move-forward-in-uk-parliament/ "On 29 Nov., the proposed U.K. Data Protection and Digital Information Bill moved a step closer to passage. The U.K. House of Commons voted to avoid recommitting the bill following the recent introduction of U.K. government-backed amendments, instead moving the proposal to the report stage of consideration. If the recommittal vote succeeded, the bill and its proposed changes would've moved back to the committee debate. The bill, originally published 8 March — the first day of IAPP's Data Protection Intensive in London — seeks to make various reforms to the U.K. General Data Protection Regulation and Data Protection Act 2018." Some good, some bad, but feel it'll just be rewritten by Labour when they get in anyway. Link to comment Share on other sites More sharing options...
bickster Posted November 30, 2023 Moderator Share Posted November 30, 2023 1 hour ago, Rds1983 said: Some good, some bad, but feel it'll just be rewritten by Labour when they get in anyway. Or more likely completely forgotten about Link to comment Share on other sites More sharing options...
DCJonah Posted July 10 Share Posted July 10 So John Lewis have shared my mom's personal information with a complete stranger who lives on the same road. Fortunately this person came round to let her know, that after replacing a television, she was sent an order form with my mom's name, address, email address and phone number. She's sent two emails and John Lewis haven't responded. Any advice on the best way to deal with it? Link to comment Share on other sites More sharing options...
bickster Posted July 10 Moderator Share Posted July 10 7 minutes ago, DCJonah said: So John Lewis have shared my mom's personal information with a complete stranger who lives on the same road. Fortunately this person came round to let her know, that after replacing a television, she was sent an order form with my mom's name, address, email address and phone number. She's sent two emails and John Lewis haven't responded. Any advice on the best way to deal with it? When did she contact them and who did she contact? What is your ultimate aim with carrying out these actions? As data breaches go its particularly minor 1 Link to comment Share on other sites More sharing options...
DCJonah Posted July 10 Share Posted July 10 8 minutes ago, bickster said: When did she contact them and who did she contact? What is your ultimate aim with carrying out these actions? As data breaches go its particularly minor Think she contacted the local store that sent them out. She's just annoyed about it and want's to ensure it hasn't been given out to anyone else. I suggested she contact head office and have a moan to them but didn't know if there was a better way to go about it. Link to comment Share on other sites More sharing options...
Davkaus Posted July 10 Share Posted July 10 I agree it's fairly minor, but it'd piss me off enough to raise it formally, and the right way to do that is sending the details to DPO@johnlewis.co.uk rather than messing around with staff in store, who probably had nothing to do with it 1 Link to comment Share on other sites More sharing options...
Recommended Posts