UK ICO issues new Code of Practice on Subject Access Requests
The UK Information Commissioner’s Office (ICO) has issued a new Code of Practice on dealing with Subject Access Requests (Code). The Code, which was issued on 8 August, will be required reading for all businesses and other organisations that are data controllers under the UK Data Protection Act 1998 (DPA).
As data controllers are those who determine the manner and purpose of any processing of personal data, in practice, almost all businesses and other organisations in the UK will be affected.
All data controllers are advised to review the Code and ensure that their Subject Access Request policies and procedures reflect the guidance contained within it. As an added ‘incentive’, the ICO has announced that it will be conducting a Subject Access Request ‘sweep’ of websites later this year…
If you are registered and logged in to the site, click on the link below to read the rest of the Nabarro briefing. If not, please register or sign in with your details below.
News from Nabarro
Briefings from Nabarro
Ensuring your rates of liquidated damages are a ‘genuine pre-estimate of loss’ is no longer enough to ensure that they will not later be held to be a penalty.
A global survey published by the Global Privacy Enforcement Network has found an alarming degree of data privacy failings among mobile apps.
Analysis from The Lawyer
Nabarro senior partner and self-confessed “IT geek” Graham Stedman is heralding a major set of investments in technology ahead of the firm’s move to 125 London Wall this year.
Clients are more willing to bring claims against professional service providers but the risk to defendants is not as dramatic as it might seem