So you’ve been debanked…

Handley Gill’s data protection consultants consider the implications of the data subject access request (DSAR) submitted by Nigel Farage in the context of his de-banking dispute with Coutts & Co and its parent company Natwest, and advise how individuals can make a data subject access request (DSAR).

Nicola Cain30 July 2023Data Protection, Personal Data, GDPR, UK GDPR, General Data Protection Regulation, UK GENERAL DATA PROTECTION REGULATION, DATA PROTECTION ACT 2018, Article 15 GDPR, Article 15 UK GDPR, DATA SUBJECT ACCESS REQUEST, DSAR, SAR, Subject Access Request, Retained EU Law, Data Protection & Digital Information (No.2) Bill, Data Protection & Digital Information Bill, Data Protection Reform, Nigel Farage, Coutts & Co, Natwest, Alison Rose, Information Commissioner, Information Commissioner's Office, Data Regulation, Data enforcement, Financial Conduct Authority, FCA, ICO, AML, Anti-Money Laundering, Know Your Customer, KYC, Banking, Financial Services, Data Processing, SPECIAL CATEGORY PERSONAL DATA, Political Opinions, Religious or Philosophical Beliefs, Article 9 UK GDPR, Article 9 GDPR, Peter Flavel, Politically Exposed Person, PEP, Money Laundering Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, Money Laundering Regulations, (SI 2017/692), Freedom of Expression, Free Speech, Financial Services and Markets Act 2023, HM Treasury, Freedom of Speech, Discrimination, Protected Characteristics, Religion or Belief, Data Subject Rights, Data Subject Access Request, Retained EU Law (Revocation and Reform) BillComment

CrapITa

Handley Gill’s data protection consultants consider recent supply chain cyber attacks, including the unfolding of the recent Capita and Zellis / MOVEit data breaches, and identify the steps data controllers should take when engaging data processors as part of their supply chain or giving third parties access to personal data, and the lessons to be learned for vendor management throughout the data processing lifecycle.

Nicola Cain10 June 2023Data Protection, Personal Data, Information Security, Cyber Security, Cyber Resilience, Cyber Attack, Data Breach, Supply Chain Risk, Supply Chain Security, Vendor Management, Capita, UK GDPR, UK GENERAL DATA PROTECTION REGULATION, DATA PROTECTION ACT 2018, Information Commissioner, Information Commissioner's Office, ICO, Pensions Regulator, Financial Conduct Authority, FCA, Data subjects, Compensation, Data litigation, Ransom, Ransom Payment, Department for Science Innovation & Technology, DSIT, Cyber Security Breaches Survey 2023, Article 25(1) UK GDPR, Article 25(1) GDPR, Data Controller, Data Processor, Data Processing Agreement, DPA, Data Processing, Article 28 GDPR, Article 28 UK GDPR, Article 32 GDPR, Article 32 UK GDPR, Cyber Insurance, Cyber Insurance Cover, Liability, Data protection impact assessment, DPIA, Administrative fine, Monetary penalty, Article 82(3) UK GDPR, Article 82(3) GDPR, Regulatory Action Policy, Article 33 UK GDPR, Article 33 GDPR, Article 34 UK GDPR, Data Breach Notification, Breach Response Plan, Incident Response Plan, Injunction, Injunctive Relief, Article 82 GDPR, Article 82 UK GDPR, CVE-2023-34362Comment

You know how i feel

Handley Gill Limited, and its specialist data protection consultants, respond to the Information Commissioner’s (ICO’s) consultation on its draft ‘Employment practices and data protection: information about workers’ health guidance, which address the use of special category data concerning health in the context of maintaining sickness, injury and absence records, occupational health schemes, conducting medical examinations and testing (including drug testing) and other health monitoring.

In the Firing Line?

ICO25, the Information Commissioner’s new draft strategic plan for the period 2022-25, currently open for consultation, identifies 15 industry sectors and data processing activities proposed to be the intended focus of the Commissioner’s investigations and enforcement activity in relation to data protection and the processing of personal data under the UK GDPR, Data Protection Act 2018 and Privacy and Electronic Communications Regulations (PECR), including recruitment, banking and finance, biometrics, the care sector, gambling, CCTV, law enforcement, health, AI and algorithms.