Podcast - Why Such a Fuss?

Explore all our podcast episodes on GDPR and data protection. This podcast aims to educate, empower, and enable businesses to grow and thrive while keeping their data safe and secure under GDPR guidelines. This podcast is hosted by our founder, Cristina Vannini-Goodchild, a fully qualified CIPP/E and C-DPO data protection specialist. If you want to know more about GDPR and how it applies to your business, email us at info@cvgsolutions.co.uk. Alternatively, you can find us on LinkedIn, Facebook, or Instagram

Episode 71 - is GDPR e-Learning really effective as a training tool?

Many businesses are under the impression that e-learning for GDPR is a worthwhile investment. In this episode I am discussing with Ralf O’Brien (a seasoned Global Protection Data Protection Officer and Security Advisor)  its effectiveness and whether online training is the right solution for learning.

We explore the ins and outs of e-learning versus traditional training what advantages it still holds. So, if you’re considering e-learning as a way to boost your GDPR knowledge, this episode is a must-watch.   

 

If you want to dive deeper into General Data Protection, feel free to reach out to us at 📧 info@cvgsolutions.co.uk Let’s get your business fully GDPR-compliant and thriving! 

 

#training #e-learning #gdpr #dataprotection #trainingneeds #trainingstrategy #traininganalysis #trainingassessment #personaldata

Episode 70 - is Data Protection a Hinder or Enabler?

Here is an eye opener: is Data Protection a Hinder or an Enabler?

This time we discuss again with Ralf O’Brien, a seasoned Global Protection Data Protection Officer and Security Advisor, whether data protection laws are truly a hindrance to business growth or a powerful enabler. In this conversation, we examine the key ways data protection can impact businesses of all sizes, uncovering how strategic compliance can actually drive business growth and advancement. Whether you’re a small start-up or a large enterprise, this episode sheds light on how businesses can view data protection not as a barrier but as a pivotal asset. 

If you want to dive deeper into General Data Protection, feel free to reach out to us at 📧 info@cvgsolutions.co.uk Let’s get your business fully GDPR-compliant and thriving! 

#gdpr #dataprotection #businessgrowth #business #growth #uniquesellingpoint #usp #dpo

Episode 69 - Data Protection Through the Ages

Data Protection’s Journey: From Origins to Today

Exploring the fascinating evolution of data protection, in this episode we are joined by Ralf O’Brien, a seasoned Global Privacy Data Protection Officer and Security Adviser.

We explore how data protection has transformed from its early beginnings to the critical cornerstone of modern-day compliance.

In detail, we discussed:

✅ The early days of data protection laws in the UK.

✅ The significance of Convention 108 and how it differs from the Data Protection Act.

✅ The distinctions between directives and regulations 

✅ The UK’s approach to data protection post-Brexit.

If you’re curious about the history and future of data protection or need insights into GDPR, regulations, and compliance, this episode is a must-watch.

 If you want to dive deeper into General Data Protection, feel free to reach out to us at 📧 info@cvgsolutions.co.uk Let’s get your business fully GDPR-compliant and thriving! 

#dataprotection #gdpr #dataprotectionact #convention108 #dpa2018 #brexit #data #personaldata #dpo #dataprotectionofficer

Episode 68 - GDPR/ISO Services: Separating Facts from Myths

Think you know GDPR and ISO compliance?

Think again! In the 68th episode, I team up again with Annie McNeely,(Quality Management System Professional and Certified ISO 90001 Auditor) to tackle the 10 most common myths we hear about GDPR and ISO services.

In this episode, we’ll clear up common misconceptions and provide you with the facts you need to make informed decisions about your business’s compliance journey. If you’re a business owner, manager, or simply curious about data protection and quality standards, this episode clears up the myths that might be holding you back.

Join us as we separate facts from fiction and learn how embracing compliance can actually benefit your organisation’s growth and trustworthiness.

If you want to dive deeper into General Data Protection, feel free to reach out to us at 📧 info@cvgsolutions.co.uk Let’s get your business fully GDPR-compliant and thriving! 

#gdpr #iso #myths #facts #training #compliance #informeddecision #quality #standards #data #protection #dataprotection

Episode 67 - Benefits of Hiring a Consultant

What makes hiring a GDPR/ISO consultant for your business so valuable?

Learn more in this episode as I team up with Annie McNeely (Quality Management System Professional and Certified ISO 90001 Auditor) to reveal the benefits that come with hiring consultants in GDPR and ISO.

You will learn:

  • How businesses gain access to a wealth of external expertise
  • Why our impartial perspective helps them see their processes from a whole new angle.
  • As consultants, we don’t just look at what’s there; we’re also skilled at spotting what’s missing
  • We use a holistic approach to provide businesses with the most comprehensive support.

If you’ve ever wondered why businesses turn to experts like us for guidance, this episode will tell you how our role can drive meaningful improvements and clarity.

If you want to dive deeper into General Data Protection, feel free to reach out to us at 📧 info@cvgsolutions.co.uk Let’s get your business fully GDPR-compliant and thriving! 

 

#gdpr #dataprotection #ISO9001 #quality #qualitymanagement #compliance #businessbenefits #consultant #consulting #hiring #externalconsultant

Episode 66 - The Most common challenges faced by consultants

Consulting It’s not all smooth sailing!

That is why in the 66th episode of our podcast, I team up again with Annie McNeely (Quality Management System Professional and Certified ISO 90001 Auditor), to uncover the key challenges we face as consultants working with small businesses and charities.

In this episode, we discussed:

The need for myth-busting misconceptions

Navigating the stop-and-start nature of projects

Business owners’ hesitation and lack of engagement

Limited understanding of the complexities of the work commissioned

Listen to this episode to learn about how we overcome the challenges we face as GDPR and ISO consultant 

If you want to dive deeper into General Data Protection, feel free to reach out to us at 📧 info@cvgsolutions.co.uk Let’s get your business fully GDPR-compliant and thriving! 

Episode 65 - Why Audits Matter for Your Business

Are audits a game-changer for your business, or just another daunting task on your to-do list?
 

Tune in to Episode 65 of our podcast, where we explore the topic of audits and why they’re crucial for your business’s success! We’re thrilled to have Annie McNeely, a Quality Management System pro and Certified ISO 9001 Auditor, share her insights on:

🎙️ How to get ready for an audit, step by step.

✅ When and how often you should conduct audits.

✅ Who should be in charge of internal audits?

✅ How audits can reveal areas for growth and improvement.

✅ Why audits can feel intimidating—and how to turn that fear into confidence!

We’ll unpack the true benefits of regular audits and give you practical tips to make the process easier and less stressful.

Want to learn more about General Data Protection? Reach out to us at 📧 info@cvgsolutions.co.uk, and let’s get your business GDPR-compliant and thriving!

Don’t miss this episode—hit play now! 🎧

 

#audits #gdpr #qualitymanagemet #system #continousimprovement #benefits #success #growth #opportunity

Episode 64 - Avoiding the biggest GDPR and Quality Management mistakes

Ready to take your business to the next level?

In this episode, consultants Cristina and Annie MacNeely dive into businesses’ most common mistakes when tackling GDPR and Quality Management – and how you can dodge them!

Whether you’re just starting out or in the middle of your journey, we have tips to help you stay on track and get the best value out of your consultants. We’re breaking down everything from involving the right stakeholders to making sure GDPR and quality management become part of your company’s culture.

Plus, you’ll get expert insights on how to implement strategies that set your business up for long-term success! Here’s what you can look forward to in this episode:

  • Why do you need all stakeholders onboard
  • The cultural shift you can’t ignore
  • Skipping critical process assessments
  • Don’t leave management to just one or two people
  • Speed vs. depth: Why rushing can backfire
  • Relying on generic documentation – big mistake
  • Ineffective training: How to avoid it
  • Why senior management must be involved
  • Missing GDPR and quality in new initiatives? 
  • Excluding these topics from meetings and communications
  • Why internal audits should happen more often
  • Choosing the wrong channel for your privacy notice
  • Relying on a web designer for cookie consent – a risky move
  • Avoid turning on unnecessary cookies by default

If you want to dive deeper into General Data Protection, feel free to reach out to us at 📧 info@cvgsolutions.co.uk

Let’s get your business fully GDPR-compliant and thriving!

#gdpr #dataprotection #compliance #qualitymanagement #qualitysystem #cultural

Episode 63 - FAQs on GDPR & Quality Management

In this episode, we explore the most frequently asked questions that we get asked from our clients as part of our consulting work. Join me and Annie McNeely, a seasoned Quality Management System Professional and Certified ISO 9001 Auditor, to get answers to your burning questions.

We discussed:

✅ The cost involved in our services.

✅ How long it takes to implement GDPR and a Quality Management system.

✅ Why businesses truly need a Quality Management system and GDPR compliance services.

✅ The importance of training

✅ Whether businesses need specialised software for data and quality management.

✅ Who is accountable.

✅ And much more Get ready to clear up any misconceptions and gain valuable insights into GDPR and Quality Management implementation.

Don’t miss this informative episode!

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk

#gdpr #iso #qualitymanagement #compliance #dataprotection

Episode 62 - Cookies and Pixels 'What could possible go wrong?'

In this 62nd episode of our podcast, we have again Stef Elliott, a seasoned Digital Engineer, GDPR, and E-Privacy Professional, to discuss in detail “The Hidden Impact of Cookies and Pixels on Your Website Visit.

We explored:

  • How cookies and pixels are used by websites to track visitors and gather data.
  • How using data from web analytics tools can sometimes lead to unintended consequences.
  • Stef shares a real-life example where data from web analytics led to a bad user experience, while he also highlighted the delicate balance between effective data use and maintaining visitor trust.

This episode sheds more light on the power of cookies and pixels. Join us for an insightful conversation again!

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk 

 

#gdpr #pecr #cookies #pixels #website #visitors #analytics

Episode 61 - What are the benefits of using Cookies and Pixels?

Say hello to Episode 61!

In this exciting episode, we continue our exploration of website cookies and pixels with Stef Elliott, a Digital Engineering expert. This time, we’re focussing on the benefits these digital tools offer to both businesses and end users.

Discover how cookies and pixels can

✅ Enhance the functionality of websites.

✅ Provide valuable insights for businesses.

✅ Offer personalised experiences for users.

✅ Support GDPR compliance. Join us as we delve more into the topic of cookies and pixels. Don’t miss this informative and engaging episode!

 

If you would like to know more about General data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk

 

#gdpr #dataprotection #pecr #cookies #pixels #website #consent #analytics #profiling #personalisation   

Episode 60 - What are Cookies and Pixels?

Here’s to Episode 60 with Us!

In this episode of our podcast, we’re joined by Stef Elliott, a Digital Engineer with deep expertise in GDPR and e-privacy. Together, we discuss the website cookies and pixels, unravelling the topic and exploring their impact on both businesses and users.

We discuss:

✅ What exactly are cookies and pixels, and how do they work?

✅ The difference between essential and non-essential cookies.

✅ The importance of defining the purpose of cookies on your website.

✅ Whether businesses truly benefit more from cookies than their customers. As a business owner, this episode offers valuable insights into the world of cookies and pixels.

Don’t miss out on our 60th episode! C

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk   

#gdpr #dataprotection #cookies #pixels #consent #pecr

Episode 59 - Why Data Processing Matters!

In this episode, we yet again sit down with Data Protection expert Rowenna Fielding to unravel the importance of having a clear purpose for data processing.

We explore:

✅ Why it is important to have a clear purpose for data processing.

✅  Why businesses should continuously evaluate their purpose for data processing.

✅  The difference between data processing activity & data processing purpose

✅  A relevant technique for deciding data processing purpose. Join us as we discover how this essential step can help your business navigate the complexities of GDPR compliance.

 

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk   

#gdpr #dataprotection #purpose #dataprocessing #compliance

Episode 58 - What is a Legitimate Interest Assessment?

Navigating the complexities of GDPR can be daunting for business owners, but understanding Legitimate Interest Assessments(LIA) is essential for compliance. That is why in the 58th episode of our podcast, I sit down with Data Protection expert Rowenna to break down the concept of an LIA and explore what makes a successful assessment.

In this episode of our podcast, you will learn:

✅ What makes a good LIA

✅  What LIA processes are worthwhile for businesses.

✅  Factors business owners should consider before carrying out an LIA.

✅  And many more Join us as we dissect the LIA process.

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk   

#gdpr #dataprotection #lia #legitimateinterestassessment #compliance

Episode 57 - The 3 GDPR Approaches

Navigating GDPR can feel like a minefield for businesses. That is why we chose to use the 57th episode of our podcast, with data protection expert Rowenna Fielding, to dissect the different approaches businesses can take to tackle compliance.

We discuss:

✅ Common misconceptions about GDPR

✅ Data protection failures

✅ The importance of accountability in preventing data breaches.

Join us again as we uncover the realities of GDPR compliance and how businesses can protect themselves and their customers.

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk   

 

#gdpr #compliance #dataprotection #approach

Episode 56 - Why is it important to treat people's data with integrity and respect?

Should you treat people’s data with integrity and respect? 

In the 56th episode of our podcast, we sit down again with Rowenna Fielding, a passionate Data Protection Officer and digital privacy advocate, to discuss the critical importance of treating people and their data with integrity and respect.

The key takeaways from this episode are:

✅ Why transparency is key for businesses handling customer data

✅ Data protection compliance by business owners Join us once again for a thought-provoking conversation about ethics, privacy, and responsible data management. 

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk 

#gdpr #dataprotection #rightsandfreedom #transparency #integrity #personaldata

Episode 55 - What exactly is Personal Data?

Are you confused about what exactly is personal data under GDPR?

Click play to find out!

In the 55th episode of our podcast, we provide clarity on data protection with Rowenna Fielding, a seasoned Data Protection Officer.

We break down:

✅ The jargon of Article 4 of the GDPR into plain English

✅ Exploring what personal data really means in practical terms.

✅ Understanding why religion is classified as ‘Special Category’ data

✅When personal data is personal data in one scenario and not another Join us as we demystify all of these things about personal data. 

Why personal data is like ‘yellow sticker’

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk 

 

#gdpr #dataprotection #personaldata #data #specialcategorydata #law #lawfulbasis

Episode 54 - Why deleting Old Data matters

Data Hoarders Beware! 

Holding onto unnecessary data can be risky for you and your organisation and may also violate GDPR.

In the 54th episode of this podcast, we have once again invited Scott Sammons, a Remote Data Protection Officer, to discuss the importance of data deletion.

You will learn:

✅ Why keeping data can be a major liability. 

✅ When data retention might actually be justified.

✅ The growing burden of data by endless email replies. 

✅ How to apply ROT (Redundant, Obsolete, Transitional) to data retention

Listen to our conversation and learn why you should declutter your data and keep your business GDPR compliant! 

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk 

#gdpr #compliance #dataprotection #deletion #storagelimitation #dataretention #rot #declutter #redundatobsoletetransitional

Episode 53 - Opt-ins the right way

would you like to build trust with your customers and be ahead of your competitors? Then pay attention. In this episode, we’re once again joined by Scott Sammons, a Remote Data Protection Officer, to discuss the importance of getting your customers opt-ins the RIGHT WAY.

We discuss:

✅ The importance of complying with GDPR and practicing transparent opt-in methods. 

✅ The effectiveness of the option of customising privacy notice.

✅ The dangers of non-transparency in data collection. From this episode, learn why ethical data collection will help you build lasting trust with your audience! 

 

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk 

 

#gdpr #pecr #marketing #opt-in #out-out #emailmarketing #digitalmarketing

Episode 52 - Is your Data safe?

Does the thought about sending data from the UK to the US bother you?

are you worried about its safety?

Fact is, data transfer regulations can be confusing, and many things could go wrong.

Join me in another podcast with Scott Sammons, a Remote Data Protection Officer, as we break down the fuss surrounding UK to US data transfer.

In this podcast, Scott explains:

✅Why data transfer between the UK and US can be a concern.

✅ The potential risks involved and what could go wrong with your data during transfer.

✅ How the UK data bridge programme can help protect your data during transfer.

✅ Who is eligible to use the data bridge programme?

 

As a business owner or individual who cares about the safety of their data, you will find this podcast educational! 

 

If you would like to know more about General Data Protection, feel free to contact us: 📧  info@cvgsolutions.co.uk

Episode 51 - AI Friend or Foe?

Is AI a friend or a foe?

How Does AI REALLY Affect Us?

AI is everywhere these days, but how exactly is it changing the world around us? Join me and Scott Sammons, a Remote Data Protection Officer, as we discuss the impact of AI development on humanity!

In this podcast, we discuss: The need for AI regulation and how AI may transform our work now and in the near future. We also talked about why transparency in the use of data matters in a world driven by data and understanding what data means and its use.

We wrapped up with the importance of data awareness as the world advances with AI. Whether you’re curious about AI or concerned about its impact, this podcast is for you!

If you’ve like this episode please give us a like and click on follow to avoid missing future episodes

If you would like to know more about General Data Protection, feel free to contact us:

📧  info@cvgsolutions.co.uk 

#gdpr #dataprotection #ai #data #compliance #risk 

Episode 50 - How can a CRM solution assist with customer service and support?

We’re excited to welcome back the wonderful Mandy Allen from CRM Insight! This time, we’re talking about how a CRM can help businesses quickly resolve customer issues. With a CRM, the support teams can easily access a customer’s history, preferences, and past interactions, leading to faster issue resolution and a more personalized experience.

I’ll also be covering some of the most common mistakes organizations make when using a CRM. These errors can lead to data leaks, misuse, and leave the company vulnerable to reputational damage and potential lawsuits. Stay tuned for some valuable insights!

 

#gdpr #dataprotection #crm #customerservice #customersupport #support #helpdesk #damage #dataleakage

Episode 49 - How can a CRM support your marketing campaign

In this episode, I chat with Mandy Allen from CRM Insight about how a CRM system can supercharge your business marketing campaigns. We dive into why accurate data is crucial, how to identify your target audience for the best results, and the right way to get consent, complete with real-life examples. Plus, I share the key criteria for valid consent and which CRMs you might want to avoid. Tune in for some valuable insights!

 

#gdpr #pecr # dataprotection #compliance #crm #marketing #campaign #directmarketing

Episode 48 - Processes 'How a CRM supports them'

Today, I’m chatting with Mandy Allen from CRM Insight about how a CRM can really boost an organization’s workflow, especially in sales, and how it can help predict future sales. We’ll also cover some common pitfalls, what to keep an eye out for, and why having a CRM doesn’t relinquish you from your data protection obligations. 
 
#crm #dataprotection #gdpr #software #process #data #sales #workflow #predictions

Episode 47 - Why is it important to have a CRM and what are the benefits?

Mandy Allen from CRM Insight and I chat about how a CRM can boost customer relationships, increase satisfaction, centralise data, control access, automate and optimise processes, and improve data quality and records management.

If you haven’t yet introduced a CRM in your business or you’re thinking about upgrading your current one, tune in! You’ll discover some valuable insights.

 

If you would like to know more about GDPR and how it applies to your business and it can set your business apart from your competitors, please get in touch. We can be reached at info@cvgsolutions.co.uk alternatively on social media just search for CVG Solutions we are on LinkedIn, Facebook and Instagram or through our website www.cvgsolutions.co.uk

 

#gdpr #dataprotection #crm #data #quality #processes #centralisation #standardisation #optimisation

Episode 46 - Email Marketing

James, from Uptech, and I have a great discussion about email marketing. We covered why it’s important to get proper consent and the right way to do it, so you don’t run into legal trouble.
 
I particularly wanted to talk to James on this topic, given his 20+ years experience in the sales and marketing sphere, and ask him to share his thoughts.
 
#gdpr #pecr #dataprotection #directmarketing #emails #promotions #emailmarketing #consent #sales #marketing #promotionalemails #newsletter

Episode 45 - CCTV & Ring Door Bell for domestic use

Do you have a Ring doorbell or similar device at your home? Do you use CCTV cameras for home security?

If so, you may need to comply with GDPR, which governs data protection. Non-compliance could lead to serious consequences, including potential lawsuits from your neighbours.

In this episode, I cover what you need to know before installing monitoring devices like CCTV cameras and Ring doorbells. I’ll provide tips to help you avoid common pitfalls and share a real-life case study.

 

#gdpr #dataprotection #Ringdoorbell #cctv #doorbell #Ring

Episode 44 - Challenges we face as DP Professional

Previous episodes discussed how younger generations lack knowledge about data protection. In this episode, Emma Martins, Chief Commissioner of the DMC, explains how she addressed this issue as the Data Protection Commissioner of the Channel Islands.

Could this approach be applied across the UK?

 

#gdpr #dataprotection #commissioner #dmc #generations #children

Episode 43 - Challenges we face as DP Professional

I’m talking once again with Emma Martins (Chief Commissioner of the DMC) and we explore how our very different career paths have led us to this profession and how we came across GDPR and fell in love with it.  How we have faced many challenges and how we have overcome them.

 

If you would like to know more about GDPR and how it applies to your business and how it can set your business apart from your competitors, please get in touch. We can be reached at info@cvgsolutions.co.uk alternatively on social media just search for CVG Solutions we are on LinkedIn, Facebook and Instagram or through our website www.cvgsolutions.co.uk

 

Episode 42 - Women in Data Protection

Join us for an insightful discussion featuring the amazing Emma Martins, Chief Commissioner for the DMC, as we explore the pivotal role of women in the realm of Data Protection. Together, Emma and I explore the unique contributions women bring to this industry and the significance of achieving gender balance within it. We reflect on how the landscape of data protection fosters inclusivity and support, transcending the boundaries of competition to form a network of mutual encouragement and empowerment. Join us as we navigate the evolving dynamics and celebrate the invaluable presence of women in this vital field.

#dataprotection #gdpr #women #genderbalance #dmc #network #competition

Episode 41 - Why AI Undermines Democracy

In this exciting episode, Emma Martin (former Data Protection Commissioner of the Channel Islands and now Chief Commissioner for the DMC) joins me for a lively discussion on the fascinating world of AI! Together, we’re diving deep into how this technology could shake the very foundation of our democracy.

Our conversation is sparked by the eye-opening book ‘Why AI undermines Democracy and What to do about it’ by Mark Coeckelbergh. It’s the inspiration behind our passionate exchange of ideas!

Join us as we navigate the twists and turns of AI’s impact on democracy. Spotlighting the critical necessity for well-crafted guidelines, steadfast standards, and robust regulations to safeguard the essence of our democratic principles!

#AI #dataprotection #gdpr #democracy #innovation #dmc #compliance

Episode 40 - Quality

Hello and welcome to the Why Such a Fuss podcast, your go-to source for all things related to data protection, broader disciplines, and business matters. Today, we’re delighted to have Annie McNeely, an ISO 9001 practitioner, back on the show.

In this episode, Annie and I dive into the topic of ‘quality.’ We explore what quality entails and why it holds paramount importance for any business endeavour.

Tune in to this concise podcast to glean invaluable insights and enhance your awareness on the subject.

 

#gdpr #dataprotection #quality #standards #ISO9001 #business #valueadd

Episode 39 - Continuous Improvement

Annie and I continue our journey of discussions and this time we are diving into Continuous Improvement which is all about constantly finding ways to make things better, smoother, and more efficient.

Constantly finding ways to improve operations is crucial for staying ahead in our ever-evolving world. Continuous Improvement is at the core of many other methodologies, standards, and regulations.

Hope you enjoy our discussion and reflections on this topic! There are some fantastic tips for you to take away and apply them in your business.

 

#gdpr #iso #continuousimprovement #methodologies #standards #dmaic #itil #pdca 

Episode 38 - Business Continuity

What is a Business Continuity and why it’s important for an organisation to have one.  As part of the GDPR & ISO common themes programme Annie McNeely and I talk about this very subject in this episode.

Something to consider is that a Business Continuity plan covers the entire business – processes, assets, personnel and more.  It is not just focused on IT and systems.  

Why both GDPR and ISO put a strong emphasis on a business having a Business Continuity and how it support a smooth return to Business As Usual (BAU).

#gdpr #iso #businesscontinuity #processes #disasterrecovery #dataprotection 

 

Episode 37 - Risk Management

Annie Mcneely, an ISO 9001 practitioner, and I will be talking about Risk Management, which is present both in ISO 9001 and GDPR and we want to highlight it’s importance. 

It features quite often in the GDPR putting obligations on organisations to carry out risk assessments especially when introducing change and in ISO 9001 is about mitigating risks to the business with regards to customer satisfaction and retention. 

Risk Management is a good practise that all organisations should have in place which allow them to capture, manage and control risks that a business might face.  

 

#ISO #gdpr #riskmanagement #data #standards #quality #dataprotection

Episode 36 - Change Management

In this episode Annie McNeely and I are going to address Change Management and why it plays an important part in any organisations, large or small.

How change management helps an organisation to identify and manage risks and how had the Post Office carried out some key steps would have avoided the pitfalls and prevented over 500 postmasters and postmistresses suffering. 

When done correctly change can be of great benefit to an organisation and bring great rewards.

 

#gdpr #dataprotection #ISO #quality #changemanagement

Episode 35 - What is Records Management and Why is it Important?

Both ISO 9001 and GDPR refer to records management and its importance. So, in this episode, Annie McNeely and I explore this subject to provide clarity and understanding.

Cristina says: “Under the GDPR records management enables sound data governance – which is essential for good data protection. Having an effective records management system in place helps to support access to information…..”.

Episode 34 - A Process-Driven Approach

Following on from the last episode, Annie Mcneely (an ISO 9001 practitioner) and I discuss the importance and benefit to an organisation from having a process-driven approach.

Having processes in place and documenting them enables the organisation to put in place measures to facilitate business/service continuity, which is one of the topics that we are going to be discussing in future episodes.

Episode 33 - ISO9001 and GDPR: What Do They Have in Common?

I am joined by Annie Mcneely, ISO 9001 implementer and auditor, and we discuss how ISO9001 and GDPR support each other and the key elements that they have in common. In this episode, we focus primarily on the similarities and differences between the two disciplines.

Keep listening for upcoming episodes where Annie and I will be discussing:

  1. A process-driven approach – why leadership buy-in and accountability are important
  2. Document and record management
  3. Change management
  4. Risk management
  5. Business continuity
  6. Continuous improvement Quality

Episode 32 - Buying and Selling Your Vet Practice

I’m joined once again by Laura Shaw from Training Progress, who in a previous life was a vet surgeon and nurse manager, to discuss what should be considered when buying and selling a practice.

And as usual, there is a GDPR element to it as well! Listen in to find out more.

Episode 31 - How Training Progress Supports GDPR

In this episode Laura and I explain how Training Progress can support business and GDPR processes.

The GDPR has some key processes that any organisation must follow, so it’s important to have a robust system that can support them. The regulation also demands that for an organisation to fulfil its obligations it must have supporting processes that fit within its operating model.

Episode 30 - Training Progress Continued

Following on from our last episode, Laura Shaw (business development manager at Training Progress) and I continue our discussion on how the Training Progress system can be used as a document management system.

Episode 29 - Introduction to Training Progress

In today’s episode, I’m joined by Laura Shaw, who is the business development manager at Training Progress and in a previous life a vet surgeon.

Laura and I discuss how Training Progress can support GDPR implementation and maintenance, and how Laura and her team are using it for that exact purpose.

I also explain how I use it with my clients to support my GDPR training.

Episode 28 - Personal Data in the Workplace

Where is the data kept? Are you using a shared environment to store your data to facilitate collaboration amongst your workforce?

If you are, what are the things that you should be aware of about data protection and security? Do you know if a cross-data transfer is taking place? And if so, do you know if the correct safeguards are in place?

What about USB? Some organisations are still using them, so it’s important to know what risks to data protection they could pose.

James and I discuss all these questions and more in this episode.

Episode 27 - Working From Home

When it comes to working from home from a GDPR perspective two things should be considered: security, and remote working policies.

Organisations must bear in mind that the employee has a right to privacy in their home. I explain what this means and how the organisation, perhaps unintentionally, can overstep the mark.

Meanwhile, James talks to us about what considerations should be taken from a cybersecurity perspective.

Episode 26 - Controller vs Processor

What is a data controller and what is a data processor?

These are two key roles within the GDPR and it is important to understand which role your organisation fulfils to determine and understand your legal obligations.

In some instances, you might be fulfilling both roles, so it’s essential to be aware of what your business obligations are under one role and what they are under the other.

I will also be talking about what agreements must be in place between a controller and a processor.

Episode 25 - What Can an Organisation Do to Prevent a Data Breach?

In this episode, James, and I discuss all the measures that an organisation can take to avoid a data breach. These include:

  • Technical security measures such as password and encryption
  • Physical security measures
  • Organisation security measures
  • Plus much more!

Episode 24a - Mr Bates vs The Post Office

Everyone is talking about it so I thought I’d do an episode with my view and explain how it could all have been avoided if they had applied GDPR and data protection by design.

Happy listening!

Episode 24 - HR and GDPR Case Studies

In this episode, I share with you three real cases in which HR and GDPR meet and how to go about it the right way. I explore how consent is not always the answer to everything, what steps to take when using 3rd parties in an employer/employee scenario, and what exceptions are available during a negotiation.

Episode 23 - Actions to Take in a Data Breach

What should you do if you have a data breach?

In this episode, James and I discuss what actions an organisation should take in the event of a data breach. This includes:

  • Considering whether the data impacted was personal data and if so, which categories of data
  • Are you the controller or the processor?
  • What type of data breach was it?
  • Was the breach intentional or unintentional?
  • Assessing the impact of the data breach to establish if it is reportable to the ICO
  • How was the breach discovered will help an organisation to identify weaknesses.
  • The importance of having an incident response plan and keeping a record of the incident.

Tune into this episode to find out more.

Episode 22 - What is a Data Breach?

If you were asked to explain a data breach, would you be able to explain it clearly and cohesively?

If the answer is no, then it might be worth you listening to this episode. In this episode, I discuss the definition of a data breach and explain how you can recognise and identify them. I’ll also give you tips on what actions you should take and what is appropriate to report to the ICO.

Episode 21a - In the News

In this episode, James and I share some recent data security incidents. The first covers the IT provider CTS, which has suffered a cyber-attack. As a result, a large number of conveyancing solicitors are unable to access the data and therefore complete the required legal transaction as part of buying and selling properties.

The second is about fake QR code scams that are on the rise. Recently, a woman fell victim to a fraudster in a £13,000 railway station QR code scam.

Third, an incident that has taken place at NHS Fife where a non-staff member was allowed into a ward without any checks, granted access to 14 patients and allowed to administer care to one of them.

Finally, the ICO and NCSC are joining forces in instructing solicitors to give the correct advice to their clients in case of ransomware attacks.

Episode 21 - Sending an Email to the Wrong Recipient

Did you know that sending an email to the wrong email address is the most common breach? It’s one of the top breaches reported to the ICO, and while they seem innocent on the surface they can cause real harm to individuals.

In this episode I will be sharing some tips on how to avoid these types of data breaches – so listen in!

Episode 20 - Data Transfer

In this episode, we discuss data transfer and how you can keep it simple and safe in your business. We have brought this subject right back to the basics to provide clarity and understanding on the following:

  • What is a data transfer?
  • The different types of data transfer.
  • What safeguards do you need to put in place if the transfer is to a country that does not have an adequacy status?

* At the time of this recording the information contained is accurate. There have been some changes in the GDPR landscape regarding data transfer to the USA. Listen to Episode 5 – ‘In the News’ for more information about this.

Episode 19 - How GDPR and Cyber Security Apply to Different Businesses

In this episode, James and I explore how GDPR and cyber security apply to different-sized businesses, including solopreneurs, corporations, and charities.

Episode 18 - What GDPR Training Should be Included in the Induction Process?

Any organisation large or small should have training as part of an induction process. New employees should be given an overview of the organisation, how to access and use the tools for the job, and they should also be trained in GDPR. This applies to all types of employment, whether it’s a full-time, part-time, or contractor/self-employed status.

Listen to this episode to find out what you should be aware of when it comes to GDPR training, as it’s not a one-size-fits-all proposition.

Episode 17 - Next Steps After Selecting a Candidate

Have you ever wondered whether you are taking the right data protection steps after choosing the candidate? Perhaps there’s something you’ve missed or something you should be doing differently.

In this episode, I examine if a privacy notice should be included in an employment contract, and what your obligations are when collecting special categories of data about new employees.

Episode 16 - What an Employer Should Do to Attract Talent

In this episode, Kate and I explore the various channels available to employers to attract talent. We also discuss how to be perceived as an employer of choice, and what information should be included in the job description to ensure the organisation is tapping into the right pool.

And, as always, I discuss what GDPR obligations you should consider and be aware of regarding talent attraction.

Episode 15 - Privacy Notices

Is it a privacy notice or a privacy policy? There needs to be more clarity on this topic, not only on the right terminology but also on its purpose and function. Does a business just need one privacy document? Are you covered once it is loaded on the website? Does a business need multiple variations?

Join me in this episode to find answers to all these questions and more.

Episode 14 - GDPR and IT Policies

In this episode, James and I cover policies that are required from a GDPR and IT perspective and the difference between the two. Often this area can be unclear, leaving businesses confused as to what is required.

Episode 13 - Data Retention and Automated Deletion

In this episode, I’ll share some key points on data retention and deletion, and James tells us how technology can support an organisation to stay in line with their retention policy.

Episode 12 - How to Select the Right Candidate

In this episode, Kate from JennettsHRSolutions shares some techniques to help choose the right candidate. Meanwhile, I cover the use of psychosomatic testing as part of the recruitment process. The data collected from psychosomatic tests is medical data, which falls under the special category data remit. So, I cover what additional provisions are required for its processing.

Episode 11 - Common Mistakes Made by Employers

In this episode, Kate from JennettsHRSolutions will be exploring:

  • Fair/unfair process.
  • What not to ask the candidate.
  • Interview techniques.

Meanwhile, I will cover what data an employer or recruiter is likely to collect during the recruitment process, what should and should not be collected, and some common pitfalls.

Episode 10 - What are Candidates Looking for in an Employer?

In this episode, we are joined by Kate Jennett from Jennetts HR Solutions. We discuss what candidates are looking for in an employer, particularly the up-and-coming Gen Z.

Episode 9 - Cyber Security vs Information Security (ISO 27001)

What is the difference between Cyber Security and Information Security (ISO 27001)? This and more is what James (a cyber security specialist from Uptech) and I will cover in this episode.

Episode 8 - Accountability and Responsibility

What is the difference between accountability and responsibility? Can they be delegated, and if so to whom? Can GDPR accountability be delegated to a GDPR professional?

James and I will dive deeper into this topic in this episode.

Episode 7 - Are Cyber Security and GDPR Hard to Implement?

In this episode James, from Uptech, and I discuss whether it is hard to implement cyber security and GDPR, which is a question that we both get often.

Like with many things, having the correct understanding and information is vital, rather than relying on information from non-specialists. This will then empower you to make the correct choices for you and your business.

Episode 6 - Why is Training Important

I often get asked ‘Why is training important?’ – my response is, ‘You don’t know what you don’t know’. There is no such thing as GDPR-compliant data or software. It’s the purpose and how it’s been used that makes it compliant.

Knowledge is power; it creates awareness, it helps people to do the right thing, and helps to eliminate errors that often lead to data breaches. Awareness and understanding of GDPR is the first step to achieving compliance.

In this episode, I will talk about why GDPR training is important for businesses, and what you can do to help your business and employees stay compliant.

Episode 5 - ‘In the News’ - October 2023

Some interesting developments have taken place in the Data Protection world recently that you should be aware of:

  • Communication from banks about rates is no longer considered direct marketing.
  • The Online Safety Bill is finally here and will become law soon.
  • The UK-US Data Bridge for data transfer to the USA

Episode 4 - Certification Myths

When a business registers with the ICO and pays the fee, does the certificate that the ICO issues count as a confirmation of compliance?

In this episode, James and I discuss the myths of certification and how you can provide proof of compliance.

Episode 3 - Alternative Security Measures

In the last episode, James walked us through the different technical security measures an organisation can apply. In this episode, I share with you alternative security measures that you should implement within your organisation. These include:

  • Physical security
  • Clear desk policy
  • Screen lock policy
  • How to properly secure data on paper
  • Pseudonymisation
  • Anonymisation

Data Protection goes beyond IT and cyber security, it is everyone’s responsibility within the organisation.

Episode 2 - What are the Different Categories of Personal Data?

Why is it important to understand the different categories of personal data and why GDPR only applies to the data of living individuals? In this episode, James and I will also discuss the various technical security measures that a business should implement to protect the data.

Episode 1a - Can Your Dog be Personal Data?

In the previous episode, we explored what constitutes personal data, such as name, address, phone number, and email. However, GDPR guidelines define personal data as ‘any information relating to an identified or identifiable natural person’ (or living individual). Therefore, information that might not seem like personal data could be in the right circumstances.

This episode illustrates how that can be the case by relating to a real-life event.

Episode 1 - What is Personal Data?

In this episode, we are joined by James Fowler from Uptech Ltd, a cyber security expert, and we discuss what constitutes personal data.