The Flowz Blog

Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’. But what exactly does personal data mean? And did you know that the GDPR includes a sub-category of sensitive...

Financial services organisations have never been more at risk of data breaches. A recent report by RPC found that the number of data breaches reported by UK financial services firms increased 480% in 2018, with the retail banking sector seeing the largest relative...

If you’re familiar with ISO 27001, you’ll know that it’s the international standard for information security and contains the certification requirements that are expanded upon throughout the ISO 27000 series. There are 46 standards in total in the series (although...

Officials from the European Commission outline what Brexit will mean for GDPR compliance, including the current extension until the end of October. What happens to GDPR during the Brexit extension period? The UK remains an EU member state and so EU law is still...

GDPR – Six key stages of the Data Protection Impact Assessment (DPIA)The DPIA is one of the specific processes mandated by the General Data Protection Regulation (GDPR). Organisations must carry out a DPIA where a planned or existing processing operation –“is likely...

Unless businesses want to be on the front page; consumer trust in data privacy is essential. GDPR introduces the key principles of data privacy by design and default. Consumers and business are recognising that data privacy is more than just data...

Responding to a breach is not just about data, it is about taking care of, and protecting, customers   The new General Data Protection Regulation (GDPR) has shone a light on how businesses prepare for, and respond to, a data breach. With cyber criminals becoming...

In the two months following the introduction of the European Union’s General Data Protection Regulation (GDPR), 44% of businesses in the trade sector did not wipe the data from redundant IT equipment before disposal. This is the main finding of a survey of more than...

The Information Commissioner’s Office (ICO) has fined two companies that made nearly 1.73 million direct marketing phone calls to people registered with the Telephone Preference Service (TPS). It is against the law to make marketing calls to numbers that have been...

Many organisations have still not embedded data protection practices into their day to day business operations, according to Stewart Room, lead partner for the General Data Protection Regulation (GDPR) and data protection at PricewaterhouseCoopers (PwC). After a...