We are well into September and many of us are finding it hard to shake off the 'back to school feeling' (which we are sure you will agree has been exacerbated this year).
It has been an unprecedented time for everyone, and privacy professionals are no exception (see the 'What a summer!' Section for a re-cap). The global pandemic has highlighted (once again) just how high data protection is on organisations' agendas and the minds of individuals.
Back to school –Fieldfisher's Covid toolkit
Whilst the return to the office may have been short-lived for some given new Government guidance, agile working becomes the new norm in the next few months. Organisations are presented with even more privacy considerations which need to be weaved into already 'stretched' privacy programmes and budgets.
Are you equipped to deal with these?
To help clients respond to the data protection issues thrown up by COVID-19 in this period, Fieldfisher's Privacy, Security and Information team has developed a toolkit of ready-made policies, training and other materials which can be purchased on an 'off-the-shelf' basis or tailored to your requirements (for optimal implementation) for a fixed fee. These policies, notices, training and other materials include notices for the processing of data on symptoms monitoring and employee working arrangements and policies to address heightened security risks resulting from the increase in phishing attacks and home working.
For further information about the toolkit please contact your regular Fieldfisher contact or email Nuria Pastor.
What a summer!
Whilst it may have felt that the whole world was focussing on COVID-19 (data protection regulators and professionals included), there have been other stories and updates (some more headline grabbing than others) we have reported on. Here is a quick re-cap:
- The fallout of Schrems II has shaken up compliance programs as organisations are grapple with international transfers of personal data. To catch up on our webinar here, the impacts of the decision and our article on the surveillance laws in the US.
- GDPR turns two! With this also came the European Commission's review of the GDPR's application. See our summary here.
- ICO issues its Age Appropriate Design Code coming into force on 2 September. Find out more about this here.
- BCRs and Brexit – are you affected? European Commission and the ICO provided updates to applicants regarding BCRs registered in the UK post Brexit. See a link to our Brexit series here.
- Whilst the ICO may have announced a pause on its adtech investigations, France's ruling on cookie walls this summer left the sector in limbo.
- Although enforcement actions haven't been regulators' main focus during this time, we've seen an increase of fines arising from breaches of the GDPR (as opposed to security) – whilst the monetary valued varied, the Italian DPA fined one company EUR 16.7million for 'insufficient basis for data processing'.
- Security incidents continue to hit headlines. Our webinar on recent security cases provides a useful update.
- Your lockdown 'get fit' plans may not have been successful… but there is still time to "Get Data Protection Fit" with our YouTube series which has run throughout the summer and continues to deliver nugget sized podcasts for novices and seasoned privacy professionals alike.
September has also brought the launch of the ICO's Accountability Framework, register to our 24 September webinar on accountability.
Happy September everyone!
Sign up to our email digest