"Why Such a Fuss" - Podcast

“Why Such a Fuss” – Podcast

Episode 1 – What is personal data

In this episode, we are joined by James Fowler from Uptech Ltd, a cyber security expert, and we are discussing what constitute personal data.

Some interesting developments have taken place in the Data Protection world recently that you should be aware of

Communication from banks about rates are are no longer considered direct marketing
The Online Safety Bill is finally here and will become law soon
The UK-US Data Bridge for data transfer to the USA

If you would like to know more about GDPR and how it applies to your business we can be reached at info@cvgsolutions.co.uk alternatively on social media just search for CVG Solutions we are on LinkedIn, Facebook and Instagram or through our website www.cvgsolutions.co.uk

Episode 1.a – Can your dog be personal data?

In our previous episode we explored what constitute personal data such as name, address, phone number, email etc…which are the usual suspects. However, the GDPR defines personal data as ‘any information relating to an identified or identifiable natural person’ (natural person = living individual) therefore some information that at first they might not scream personal data in the right circumstances can absolutely be. This episode illustrates how that can be by relating a real event.

Episode 2 – What are the different categories of personal data?

Why is it important to understand the different categories of personal data and why the GDPR only applies to the data of living individuals. We also be talking about the various technical security measures that a business should implement to protect the data. This and more it’s what James and I are discussing in this episode.

Episode 3 – Alternative security measures

In the last episode James walked us through all the different technical security measures that an organisation can apply. In this episode I’m going to share with you alternative security measures that you should implement within your organisation.

such as:

Physical security
Clear Desk policy
Screen Lock policy
how to properly secure data on paper
Pseudonymisation
Anonymisation

Data Protection goes beyond IT and cyber security, it is everyone’s responsibility within the organisation

Episode 4 – Certification Myths

When a business registers with the ICO and pays the fee does the certificate that the ICO issues a confirmation of compliance?

James and I are discussing this and more in this episode

Episode 5 – ‘In the News’ – October 2023

Some interesting developments have taken place in the Data Protection world recently that you should be aware of

Communication from banks about rates are are no longer considered direct marketing
The Online Safety Bill is finally here and will become law soon
The UK-US Data Bridge for data transfer to the USA

Episode 6 – Why is training important

I aften get asked ‘why is training important?’ – my response is ‘you don’t know what you don’t’. There is no such thing as GDPR-compliant data or software. It’s the purpose and how it’s been used that makes it compliant.

Knowledge is power, it creates awareness it helps and support people to do the thing right, to eliminate errors which often leads to data breaches.

Awareness and understanding of the regulation is the first step to achieve compliance

Episode 7 – are Cyber Security and GDPR hard?

In this episode James, from Uptech, and I are discussing weather it is hard to implement cyber security and GDPR, which is a question that we both get often.

Like with many things having the correct understanding and information, instead of relying on what you might have heard from a non specialist on the subject in a networking, is key to get the correct perception which will be based on facts rather than on assumptions. This will then empower you to make the correct choices for you and your business.

Episode 8 – Accountability & Responsibility

What is the difference between Accountability and Responsibility? Can they be delegated? and if so to whom?

Can the GDPR accountability be delegated to a GDPR Professional?

Listen to James and I discussing this topic in details

Episode 9 – Cyber security vs Information Security (ISO 27001)

What is the difference between Cyber Security and Information Security (ISO 27001)? This and more is what James, from Uptech, a Cyber Security specialist) and I will be covering in this episode.

If you would like to know more about GDPR and how it applies to your business, we can be reached at info@cvgsolutions.co.uk alternatively on social media just search for CVG Solutions we are on LinkedIn, Facebook and Instagram or through our website www.cvgsolutions.co.uk

Episode 10 – What are candidates looking for in an employer

In this episode we are joined by Kate Jennett from Jennetts HR Solutions and we discuss what candidates are looking for in an employer in particular the new generations.

Episode 11 – Most common mistakes made by employers

In this episode Kate from JennettsHRSolutions will be exploring

Fair/unfair process
What not to ask the candidate
Interview techniques

while I will be covering what data an employer or recruiter is likely to collect during the recruitment process, what should and should not be collected and common pitfalls.

If you would like to know more about GDPR and how it applies to your business, we can be reached at info@cvgsolutions.co.uk alternatively on social media just search for CVG Solutions. We are on LinkedIn, Facebook and Instagram or through our website www.cvgsolutions.co.uk

Episode 12 – How to select the right candidate

Today we are going to focus on ‘How to select the best candidate from multiple applicants’

Kate from JennettsHRSolutions is sharing some techniques to help selecting the right candidate while I will be covering the use of psychosomatic testing as part of the recruitment process. How the data collected from these type of tests is medical data, which consequently falls under the special category data remit, and what additional provisions are required for its processing.

Episode 13 – Data Retention and Automated Deletion

Data retention is often talked about and int this episode I’m sharing some key points on this topic and James tells us how technology can support an organisation to stay in line with their retention policy.

Episode 14 – GDPR & IT Policies

In this episode James and I are covering not only what policies are required from a GDPR and IT perspective, we also discuss the difference between the two and the different perspectives. Often this area can be a bit muddy and unclear leaving businesses confused as to what it’s required.

Episode 15 – Privacy Notices

is it Privacy Notice or Privacy Policy? there is much confusion on this topic not only on the right terminology but also its purpose and function. There is also the misconception that it needs to be a boring long document and while it does have contain certain information it can take many forms.

and does a business just need one of this? and once is loaded on the website that’s it job done?

or does a business needs multiple variations to cater for the different situations? I suppose the clue is in the title

Join me in this podcast to find out the answers to all these questions and more.

Episode 16 – What an employer should do to attract talent

In this episode Kate and I are exploring the various channels available to employers to attract talent and not just volume but high calibre talent. We also discuss how to be perceived as an employer of choice and what information should be included in the job description to ensure the organisation is tapping into the right pool. And as always I talk about what GDPR obligations you should consider and be aware of.

Episode 17 – Next steps after selecting a candidate

Have you ever wondered whether you are taking the right steps after selecting the candidate? perhaps there’s something you’ve missed or something you should be doing differently.

Fear not, Kate from JennettsHRSolution and myself are coming to the rescue.

Listen to this podcast to find out if a privacy notice should be included in conjunction with the employment contract and if you are collecting special categories data what are your obligations…and much more.

#gdpr #training #dataprotection #hr

Episode 18 – What training should be included in the induction process

Any organisation large or small should have am induction process and as part of this process training should be featuring rather high. The new member should be given an overview of the organisation, how to access and use the tools for the job and they should also be trained in GDPR. This applies to both permanent/temporary staff and volunteers. In fact it should apply to contractor/self-employed as well if your operating model uses this type of labour instead of employees.

Listen to this podcast to find out what you should be aware of when it comes to GDPR training, as it’s not a one size fit all proposition.

#gdpr #training #dataprotection

Episode 19 – How GDPR and Cyber apply to different size businesses

In this episode James and I exploring how GDPR & Cyber Security apply to different size businesses. Solopreneur, microbusinesses, large SME and charities.

This is a question that we often get asked so we thought to tackle it in this podcast

#gdpr #cyber #training #dataprotection

Episode 20 – Data Transfer

In this episode the focus is on data transfer, which is a complex subject and can be confusing.

We have taken this subject right back to the basic with the aim to provide clarity and understanding.

What is a data transfer?
The different types of data transfer
What safeguards you need to put in place if the transfer is to a country that does not have an adequacy status.

at the time of this recording the information contained are accurate. There have been some changes in the GDPR landscape with regards to transferring data to the USA and I would refer you to our Episdose 5 – ‘In the News’ episode

If you would like to know about GDPR and how it applies to your business we can be reached at info@cvgsolutions.co.uk alternatively on social media just search for CVG Solutions we are on LinkedIn, Facebook and Instagram or through our website www.cvgsolutions.co.uk

#gdpr #training #dataprotection

Episode 21 – Sending an email to the wrong recipient

Did you know that sending an email to wrong email address is the most common breach?

In fact is one of the top breaches reported to the ICO and while they seem innocent on the surface they can cause real harm to individuals.

In this episode I will be sharing some tips on how to avoid these type of data breaches – so listen in! 🙂

Episode 21.a – In The News

In this episode James and I are sharing some data security incidents that have recently taken place to keep you up to date.

The first covers the IT provider CTS who provides IT system to conveyancing firms which has suffered a cyber-attack, and a large number of conveyancing solicitors are unable to access the data and therefore complete the required legal transaction as part of buying and selling properties. Leaving a lot of homeowners in limbo delaying the process and disappointing many of their clients that they won’t be in their new home before Xmas.

The second is about fake QR codes scam that are on the rise and recently a woman has fell victim to fraudster in a £13,000 railway station QR code scam. They were able to apply for a loan within seconds while on the phone with the victim.

The third an incident that has taken place at NHS Fife where a non-staff member was allowed into a ward without any checks, granted access to 14 patients and allowed to administer care to one of them.

The final one is about the ICO and NCSC joining forces in structing solicitors to give the correct advice to their clients in case of ramson ware attacks.

Episode 22 – What is a data breach

If you were asked to explain what a data breach is, would you be able to raise to the challenge? Would you be able to explain it in a cohesive way and simple terms?

If the answer is No – then it might be worth you listening to this short podcast. Not only it provides you with a definition of a data breach that will enable you to recognise and identify them it also tells you what actions you should be taken and what it is appropriate to report it to the ICO.

Episode 23 – Actions to take in a Data Breach

What should you do if you have a data breach?

James and I are discussing what actions an organisation should be taking in the event of a data breach. Such as consider whether the data impacted was personal data and if so the categories of data, are you the controller or the processor, what type of data breach it was, was the breach intentional or unintentional. Assessing the impact of the data breach to establish if it is reportable to the ICO, how was the breach discovered will help an organisation to identify weaknesses. The importance of having an incident response plan and keeping a record of the incident and much more.

Episode 24 – HR & GDPR case studies

In this episode I share with you 3 real cases in which HR and GDPR meet and how to go about it the right way. I will explore how consent is not always the answer to everything which HR tends to use for everything. what steps to take when using 3rd parties in an employer/employee scenario and what exceptions are available during a negotiation.

Episode 24.a – Mr Bates vs The Post Office

Everyone is talking about it so I thought I’ll do a podcast with my view and explain how it could all have been avoided if they had applied GDPR and Data Protection by Design. People would have not lost their lives, their savings, their livelihood etc…

Happy listening!

Episode 25 – What can an organisation do to avoid a Data Breach

James, from Uptech, and myself will be discussing all of the measures that an organisation can take to avoid a data breach. From:

Technical security measures such as password and encryption
Physical security measures
organisation security measures
and some other obvious measures

Episode 26 – Controller vs Processor

What is a Data Controller and what is a Data Processor?

These are two key roles within the GDPR and it is important to understand which role your organisation fulfils to determine and understand your legal obligations.

In some instances you might be fulfilling both roles and so it’s essential to be aware what your business obligations are under one role and what your business obligations are under the other.

I will also be talking about what agreements must be in place between a controller and a processor.

#gdpr #dataprotection #risk

Episode 27 – Working from Home

When it comes to working from home from a GDPR perspective several things should be considered. First of all security. Secondly remote working policies.

Organisation must bear in mind that the employee has a right to privacy in their home and I explain what this means and how the organisation, perhaps unintentionally can over step the mark.

While James talks to us what consideration should be taken from a cyber security perspective.

#gdpr #dataprotection #cybersecurity

Episode 28 – Personal data in the workplace

Where is the data kept? Are you using a shared environment to store your data to facilitate collaboration amongst your workforce?

if you are, what are the things that you should be aware of with regards to data protection and security?

Do you know if a cross data transfer is taking place? and if so, do you know if the correct safeguards are in place.

what about USB? yes, some organisations are still using them

James and I are discussing all of these topics and more

Episode 29 – Intro to Training Progress

In today’s episode I’m joined by Laura Shaw, who is the Business Development manager at Training Progress and in a previous life a vet surgeon.

Laura and I have taken the opportunity to discuss how Training Progress can support a GDPR implementation and maintenance and how Laura and her team are using for that exact purpose.

I also explain how I use it with my clients to support my GDPR training.

Episode 30 – Training Progress cont…

In today’s episode Laura Shaw, who is the Business Development manager at Training Progress and in a previous life a vet surgeon, and I are continuing our discussion on how the Training Progress system can be used as a document management system.

Episode 31 – How Training Progress supports GDPR

In this episode Laura and I explain how Training Progress can support business and GDPR processes.

The GDPR has some key processes that any organisation must follows and so it’s important to have a robust system that can support them. The regulation also demands that in order for an organisation to fulfil its obligations it must have supporting processes that fit within the organisation’s operating model.

If you would like to know more about GDPR and how it applies to your business and it can set your business apart from your competitors, please get in touch. We can be reached at info@cvgsolutions.co.uk alternatively on social media just search for CVG Solutions we are on LinkedIn, Facebook and Instagram or through our website www.cvgsolutions.co.uk

Episode 32 – Buy & Selling your Vet Practise

I’m joined once again by Laura Shaw from Training Progress who in a previous life was a Vet Surgeon and Nurse Manager to discuss what should be considered when buying and selling a practice.

And as usual there is a GDPR element to it as well – after all the aim of this podcast is to generate awareness of GDPR and how it features in all aspect of a business.

#gdpr #sellingandbuying #veterinary

Episode 33 – ISO9001 & GDPR, What do they have in common?

I am joined by Annie Mcneely, ISO 9001 implementer and auditor, and we discuss how ISO9001 and GDPR support each other and the key elements that they have in common.

In this episode we are focusing primarily on the differences and the similarity between the two disciplines

Keep listening for upcoming episodes where Annie and I will be discussing:

A Process Driven Approach – why leadership buy-in and accountability are important
Document and Record Management
Change Management
Risk management
Business Continuity
Continuous Improvement
Quality

#gdpr #ISO #dataprotection

Episode 34 – A Process Driven Approach

Annie Mcneely, ISO 9001 practitioner, and I are keeping on with the ISO 9001 & GDPR theme and in this episode we discuss the importance and benefit to an organisation to having a process driven approach.

Having processes in place and documented it enables the organisation to put in place measures to facilitate business/service continuity, which is one of the topics that we are going to be discussing in future episodes.

#gdpr #ISO #dataprotection #processes

Episode 35 – What is Records Management and Why it’s important

Both ISO 9001 and GDPR make reference to Records Management and its importance so Annie McNeely and I explore this subject to provide clarity and understanding.

Cristina says => “Under the GDPR records management enables sound data governance – which is essential for good data protection. Having an effective records management system in place helps to support access to information…..”,

#gdpr #ISO #recordsmanagement #data #dataclassification

Episode 36 – Change Management

In this episode Annie McNeely and I are going to address Change Management and why it plays an important part in any organisations, large or small.

How change management helps an organisation to identify and manage risks and how had the Post Office carried out some key steps would have avoided the pitfalls and prevented over 500 postmasters and postmistresses suffering.

When done correctly change can be of great benefit to an organisation and bring great rewards.

#gdpr #dataprotection #ISO #quality #changemanagement

Episode 37 – Risk Management

Annie Mcneely, an ISO 9001 practitioner, and I will be talking about Risk Management, which is present both in ISO 9001 and GDPR and we want to highlight it’s importance.

It features quite often in the GDPR putting obligations on organisations to carry out risk assessments especially when introducing change and in ISO 9001 is about mitigating risks to the business with regards to customer satisfaction and retention.

Risk Management is a good practise that all organisations should have in place which allow them to capture, manage and control risks that a business might face.

#ISO #gdpr #riskmanagement #data #standards #quality #dataprotection

Episode 38 – Business Continuity

What is a Business Continuity and why it’s important for an organisation to have one. As part of the GDPR & ISO common themes programme Annie McNeely and I talk about this very subject in this episode.

Something to consider is that a Business Continuity plan covers the entire business – processes, assets, personnel and more. It is not just focused on IT and systems.

Why both GDPR and ISO put a strong emphasis on a business having a Business Continuity and how it support a smooth return to Business As Usual (BAU).

#gdpr #iso #businesscontinuity #processes #disasterrecovery #dataprotection

Episode 39 – Continuous Improvement

Annie and I continue our journey of discussions and this time we are diving into Continuous Improvement which is all about constantly finding ways to make things better, smoother, and more efficient.

Constantly finding ways to improve operations is crucial for staying ahead in our ever-evolving world. Continuous Improvement is at the core of many other methodologies, standards, and regulations.

Hope you enjoy our discussion and reflections on this topic! There are some fantastic tips for you to take away and apply them in your business.

#gdpr #iso #continuousimprovement #methodologies #standards #dmaic #itil #pdca

Episode 40 – Quality

Hello and welcome to the Why Such a Fuss podcast, your go-to source for all things related to data protection, broader disciplines, and business matters. Today, we’re delighted to have Annie McNeely, an ISO 9001 practitioner, back on the show.

In this episode, Annie and I dive into the topic of ‘quality.’ We explore what quality entails and why it holds paramount importance for any business endeavour.

Tune in to this concise podcast to glean invaluable insights and enhance your awareness on the subject.

#gdpr #dataprotection #quality #standards #ISO9001 #business #valueadd

Episode 41 – Why AI undermines Democracy

In this exciting episode, Emma Martin (former Data Protection Commissioner of the Channel Islands and now Chief Commissioner for the DMC) joins me for a lively discussion on the fascinating world of AI! Together, we’re diving deep into how this technology could shake the very foundation of our democracy.

Our conversation is sparked by the eye-opening book ‘Why AI undermines Democracy and What to do about it’ by Mark Coeckelbergh. It’s the inspiration behind our passionate exchange of ideas!

Join us as we navigate the twists and turns of AI’s impact on democracy. Spotlighting the critical necessity for well-crafted guidelines, steadfast standards, and robust regulations to safeguard the essence of our democratic principles!

#AI #dataprotection #gdpr #democracy #innovation #dmc #compliance

Episode 42 – Women in Data Protection

Join us for an insightful discussion featuring the amazing Emma Martins, Chief Commissioner for the DMC, as we explore the pivotal role of women in the realm of Data Protection. Together, Emma and I explore the unique contributions women bring to this industry and the significance of achieving gender balance within it. We reflect on how the landscape of data protection fosters inclusivity and support, transcending the boundaries of competition to form a network of mutual encouragement and empowerment. Join us as we navigate the evolving dynamics and celebrate the invaluable presence of women in this vital field.

#dataprotection #gdpr #women #genderbalance #dmc #network #competition

Episode 43 – Challenges we face as DP Professionals

I’m talking once again with Emma Martins (Chief Commissioner of the DMC) and we explore how our very different career paths have led us to this profession and how we came across GDPR and fell in love with it. How we have faced many challenges and how we have overcome them.

If you would like to know more about GDPR and how it applies to your business and how it can set your business apart from your competitors, please get in touch. We can be reached at info@cvgsolutions.co.uk alternatively on social media just search for CVG Solutions we are on LinkedIn, Facebook and Instagram or through our website www.cvgsolutions.co.uk

#data #dataprotection #gdpr #law #compliance #career

Episode 44 – Educating the next generation

Previous episodes discussed how younger generations lack knowledge about data protection. In this episode, Emma Martins, Chief Commissioner of the DMC, explains how she addressed this issue as the Data Protection Commissioner of the Channel Islands.

Could this approach be applied across the UK?

#gdpr #dataprotection #commissioner #dmc #generations #children

Episode 45 – CCTV & Ring Door Bell for domestic use

Do you have a Ring doorbell or similar device at your home? Do you use CCTV cameras for home security?

If so, you may need to comply with GDPR, which governs data protection. Non-compliance could lead to serious consequences, including potential lawsuits from your neighbours.

In this episode, I cover what you need to know before installing monitoring devices like CCTV cameras and Ring doorbells. I’ll provide tips to help you avoid common pitfalls and share a real-life case study.

#gdpr #dataprotection #Ringdoorbell #cctv #doorbell #Ring

Episode 46 – Email Marketing

James, from Uptech, and I have a great discussion about email marketing. We covered why it’s important to get proper consent and the right way to do it, so you don’t run into legal trouble.

I particularly wanted to talk to James on this topic, given his 20+ years experience in the sales and marketing sphere, and ask him to share his thoughts.

#gdpr #pecr #dataprotection #directmarketing #emails #promotions #emailmarketing #consent #sales #marketing #promotionalemails #newsletter

Episode 47 – Why is it important to have a CRM and what are the benefits?

Mandy Allen from CRM Insight and I chat about how a CRM can boost customer relationships, increase satisfaction, centralise data, control access, automate and optimise processes, and improve data quality and records management.

If you haven’t yet introduced a CRM in your business or you’re thinking about upgrading your current one, tune in! You’ll discover some valuable insights.

#gdpr #dataprotection #crm #data #quality #processes #centralisation #standardisation #optimisation

Episode 48 – Processes ‘How a CRM supports them’

Today, I’m chatting with Mandy Allen from CRM Insight about how a CRM can really boost an organization’s workflow, especially in sales, and how it can help predict future sales. We’ll also cover some common pitfalls, what to keep an eye out for, and why having a CRM doesn’t relinquish you from your data protection obligations.

#crm #dataprotection #gdpr #software #process #data #sales #workflow #predictions

Cookie	Type	Duration	Description
_ga Google	Third party	1 day	Google Analytics tag used to distinguish one user from another
_gat Google	Third party	1 minute	Google Analytics tag. Sometimes appears as `_dc_gtm_<property-id>`.
_gid Google	Third party	2 years	Google Analytics tag used to distinguish one user from another

“Why Such a Fuss” – Podcast