19 posts categorised "Stewart Room"

15 February 2018

Personal Data Breach Notification needs incident detection capability confirms EU regulators

The Article 29 Working Party has recently published updated guidance on the Personal Data Breach notification rules in Articles 33 and 34 of the General Data Protection Regulation (GDPR). The original version was published on 3rd October 2017. The most illuminating part of the update concerns the requirement for organisations...

14 December 2017

The maximum fines for undertakings

Are companies exposed to fines at 2% or 4% of their worldwide annual turnover, or are they exposed to fines based on the group worldwide annual turnover, assuming that they are part of a group? Articles 83(4) and (5) talks about ‘an undertaking’, which means a single entity. They do...

29 August 2017

GDPR programme emerging trends

By Stewart Room Follow @StewartRoom The GDPR countdown continues and at PwC we're expecting September to bring a rush of new requests for support, as people come back from their summer holidays fully recharged and ready to tackle their programme to do lists. Over the summer we have been preparing...

14 June 2017

Applying GDPR to the legacy data environment and the processor engagement framework

By Stewart Room How to handle the "legacy data" environment is one of the big challenges of the GDPR. For the purposes of this blog "legacy data" means personal data that are processed before and after the GDPR comes into force. The key question is whether the law requires a...

17 March 2017

Italian Garante Fines

By Stefano Cancarini and Flavia Messina Follow @stefanoPwc With a recent decision, the Italian Data Protection Authority issued fines for over 11 million Euro to five companies operating in the money transfer sector. It is the highest sanction ever applied for unlawful processing of personal data by a Data Protection...

30 June 2016

Brexit - How will it affect the GDPR in the UK

By Stewart Room Follow @StewartRoom Click on the link below for our latest insights on the potential data protection impacts arising from the UK's vote to leave the European Union. Businesses outside of the UK and UK and European citizens can be confident that after Brexit, the UK with continue...

04 May 2016

The GDPR has been published!

By Jane Berry View Jane Berry’s profile Following the flurry of activity around the EU General Data Protection Regulation (GDPR) in April, the final text was published in the Official Journal of the EU today. The GDPR will enter into force 20 days from its publication in the Official Journal,...

02 March 2016

Privacy Shield - it's impressive, but you may not see it that way

By Stewart Room Follow @StewartRoom The new EU-US Privacy Shield is clearly the result of much hard work by civil servants on both sides of the Atlantic. It would be churlish to deny the effort that has gone into putting the Shield together. Certainly the U.S. has moved a long...

16 December 2015

GDPR – EU privacy law version 2 is here, so let’s get ready!

By Stewart Room Follow @StewartRoom After four long years of political processes, business lobbying and endless articles, blogs and tweets, the General Data Protection Regulation is here. And last’s night’s compromise even managed to deliver some surprises, such as the maintenance of the compulsory Data Protection Officer (DPO) requirement and...

26 November 2015

Safe Harbour and GDPR - the OAS solution

By Stewart Room Follow @StewartRoom Operational Adequacy Schemes - a solution to the real harm questions at the heart of the Safe Harbour judgment and the GDPR. To find out more about PwC's view, click here: http://bit.ly/1PVYnh8 Stewart Room | Partner | PwC Legal Stewart.Room@pwclegal.co.uk | +44 (0)20 7213 4306...