Emily Martin
Bio
I'm a longstanding GDPR/data protection/privacy specialist with huge experience of both in-house and private practice, gained working across a range of sectors including hi-tech science, media, publishing, higher education, and IT.
Stories (8/0)
ISO 27701:2019 and the GDPR
The GDPR principles and the DPA set out the legal requirements for data protection and privacy, but they do not provide detailed guidance on specific measures organizations should take to safeguard personal data. ISO/IEC 27701:2019 (ISO 27701) fills this gap by offering a best practice framework for implementing a Privacy Information Management System (PIMS) and enhancing data protection and privacy capabilities.
By Emily Martin9 months ago in Education
Transferring Personal Data Outside of the EEA
The blog focuses on Article 28 of the GDPR, which outlines requirements for data processors in the context of data transfers outside the European Economic Area (EEA) in accordance with the GDPR principles. One of the methods to legitimize such transfers is through the use of standard contractual clauses (SCCs).
By Emily Martin9 months ago in Education
What is the UK International Data Transfer Agreement and What Are the Implications?
The Information Commissioner's Office (ICO) presented alterations regarding limited international transfers of personal data to Parliament on 2 February 2022, in accordance with GDPR principles. The international data transfer agreement (IDTA) and the UK Addendum to the existing standard contractual clauses (SCCs) issued by the European Commission are the subsequent measures taken to establish a transfer mechanism that ensures compliance with the UK GDPR, adhering to GDPR principles, when engaging in restricted transfers of personal data.
By Emily Martin10 months ago in Education
What is the UK International Data Transfer Agreement and What Are the Implications?
The Information Commissioner's Office (ICO) presented alterations regarding limited international transfers of personal data to Parliament on 2 February 2022, in accordance with GDPR principles. The international data transfer agreement (IDTA) and the UK Addendum to the existing standard contractual clauses (SCCs) issued by the European Commission are the subsequent measures taken to establish a transfer mechanism that ensures compliance with the UK GDPR, adhering to GDPR principles, when engaging in restricted transfers of personal data.
By Emily Martin10 months ago in Education
Avoiding Email Data Security Breaches
Email is a double-edged sword, offering both advantages and disadvantages in accordance with the GDPR principles. On one hand, it provides the benefit of fast and convenient communication, along with the ability to maintain an audit trail of conversations, promoting transparency and accountability. On the other hand, email poses a substantial information security risk, potentially violating the principles of data protection outlined in the GDPR. In recent years, numerous significant fines imposed by the Information Commissioner's Office (ICO) have been the result of basic human errors in email communication, highlighting the importance of implementing appropriate safeguards and adhering to the GDPR principles to mitigate such risks.
By Emily Martin10 months ago in Education
In-house Resource vs Virtual DPO
When considering the resourcing of a Data Protection Officer (DPO), organizations have two main options: the in-house route or the outsourcing route. Each option has its pros and cons, and the choice depends on various factors specific to the organization. Let's explore the advantages and considerations of each option in alignment with the GDPR principles:
By Emily Martin11 months ago in Education
Analysis of Fines Imposed by the Information Commissioner’s Office in 2022
When aiming for GDPR compliance, it is important to assess the areas where organisations are failing to comply with the regulations. To gain insights into this, URM has conducted a thorough review and analysis of the fines imposed by the Information Commissioner's Office (ICO) in 2022, the privacy regulator in the UK. This analysis also aims to identify any notable differences compared to the previous year, 2021.
By Emily Martinabout a year ago in Education