Does the GDPR still apply? Yes. The GDPR is retained in domestic law as the UK GDPR, but the UK has the independence to keep the framework under review. The ‘UK GDPR’ sits alongside an amended version of the DPA 2018.
Categories compliance
This post is made for very large portion of business population. We are talking about 90% here. Companies with very small number of desktops.
It this is you please read on. You are (very likely) using Office (365 or not). And you are categorized as SME , and thus very likely, you have no services of this mythical creature called: Administrator.
You have nobody but yourself. And this good blog 🙂 Continue reading
Worlds are colliding to the potential detriment of small businesses.
Again.
Context: GDPR
Please read very slowly this very good description on what has happened and, more importantly, what will happen.
Not to your business of course. Because you are completely prepared and content for 24 May 2018, 23:00 ?
This news is BIGÂ news. I admit I myself thought it was just a wishful thinking/fake news.
But it is true indeed. Airbus is moving its business on-line collaboration to Google, away from Microsoft tools and technologies. Continue reading
Office 365 New Feature: Continue reading
https://www.morganmckinley.co.uk/article/press-release-year-opens-record-jobs-low
There is no other way I can put it. Or as they say “pass the message over”. Findings from this survey are staggering. In not a good way.
Cyber_Security_Breaches_Survey_2018_-_Preparations_for_the_new_Data_Protection_Act
This article text is taken from Tech Crunch. I am going to comment on it in the coming days.
Since it is a bit long it is in the page format. Please proceed here for a full text.
This is direct from the ICO Commissioner. Importance of this post can not be overstated. Please read carefully.
https://iconewsblog.org.uk/2017/09/05/gdpr-setting-the-record-straight-on-data-breach-reporting/amp/
Consider this.
Imagine you have applied for a patent. Patent award approval takes some time (or more) and during that period, your name is publicly available and related to that patent request to be granted.
And after that. until a patent expires and goes into the archive. Where your name is still available and associated with a patent expired. Continue reading
Firstly, this speech is important because it marks the official agreement of UK to adhere to GDPR. And it seems fully so, at that.
First, enter the “good side” aka GDPR
EU is delivering hard data protection regulatory drive since 1995. And EU data protection drive it is to become much tougher from 2018-05-28. Continue reading
Modern ITÂ products, used by modern and compliant businesses, must convince customers that they contain sound High Availability (HA) strategy in place. Architected, Designed and Implemented. Continue reading
Using Cloud Services? What the End of Safe Harbor Means for EU Companies
“Even if in the case that the EU Safe Harbour 2.0 passes soon, I think that the general climate is a preference for data locality, and even if the regulations are cleared and there’s a path forward for legal transfer of data, I think that the appetite for the Europeans to have local data has increased.”
Yet another post on this subject but this time with real costs of owning Exchange on premises. Clearly showing all the Capex and Opex costs related to savings made by adopting Exchange on line.
Note: technical bits are removed so that focus is on the business benefits.
Things to Know About Your Work Email
Handy micro guide to your e-mail rights and obligations
[Original source] of this text.
Digital privacy at the workplace is actually something everyone should at least be thinking about. And not just high-profile folks in the limelight of the media, but all of us. In fact, these issues arguably affect us the commuting work-a-day masses far more than the power brokers. If you lose your job because of emails you sent, you’ll probably find yourself in a precarious situation.
Let us begin this discussion by first acknowledging the following: As an employee, you have entered into an agreement to rent your brain and body to a company in return for a salary. Your HR department may attempt to sugarcoat this sad fact of adulthood with free coffee in the break room or the occasional “Tapas Tuesday,” but you are essentially just a (replaceable) tool your company uses to create a product or provide a service. It is therefore in your company’s interest to get as much out of their tools (i.e. you) as possible. And that often takes the form of monitoring of your digital behavior.
Unfortunately, there aren’t a lot of universal hard-fact rules regarding privacy and employment. This is because there’s a messy patchwork of overlapping laws at the state, and local level, many of which were conceived and codified long before anyone was even aware of what an “e-mail” was.
Therefore, few universal pronouncements can be made and the courts tend to rule on a case-by-case basis in a “very fact-specific” manner, according to a law professor, who helped us highlight six general principles about using digital communication in the workplace. Please keep in mind that aspects of this laws have been actively evolving both in US and EU. Until now that is, when we count last “days of freedom” before 25 may 2018 and the GDPR.
1. Don’t say anything that could get you fired over company email.
As a general rule, an employer can’t intentionally access digital communications when you have a reasonable expectation of privacy. But ask yourself if your privacy expectations match up with that of the law.
One place you should probably expect to be monitored is when using company email. If you are using a company-issued computer to access company email stored on company-owned servers, you shouldn’t have an expectation of privacy. All those communications are basically your employer’s property.
Courts also look to what your company’s email policy says in deciding whether you reasonably expected privacy for your emails. It matters, for example, if that policy clearly says that workers can’t use company computers for personal email activity, and that they will be monitored.
If any of this is news to you, hopefully you haven’t been emailing anything that you wouldn’t want your boss to find out about.
2. Personal email accounts on third-party servers are protected, even if you access them on a company-owned computer.
If you use your company’s computer to check your private, password-protected email (i.e. one that lives on a third-party server like Gmail), then it is probably protected. There’s a Electronic Communications Privacy Act —that bans your employer (and others) from deliberately accessing that email without your permission. But. There are many court cases in which employees accessed private email through a company computer and an employer wanted to monitor these activities. The court found that these emails were inadmissible as they were accessed without the employee’s authorization in violation of the Stored Communications Act.
3. Employers can’t require that employees (or potential employees) give them access to their social media accounts.
As much as you might want to know if your current or potential employees are getting up to any shenanigans in their spare time, you—in a growing number of jurisdictions —won’t be able to request or require them to give you access to their social media accounts so you can find out. In fact, many countries are working on laws specifically making this practice illegal (surely based on no small part from lobbying and legal efforts of Facebook itself).
4. You can be fired because of what you post on social media.
As with email, an employer can’t use your work computer to directly access your social media accounts without your approval. But just because an employer can’t access your Facebook or Instagram accounts, it doesn’t mean they can’t use your social media to judge—and possibly even fire or discipline—you.
Facing consequences at work for social media posts you put up in your spare time is something that we see happen all the time.
5. BYOD (Bring Your Own Device) is a big confusing mess.
Many people use their own personal phone and tablet at work and will use these devices to access company email as well as other company documents. This is known as a “Bring Your Own Device” (or BYOD) setup. And when it comes to monitoring, unfortunately there’s not a lot we can do to guide you.
So, how far can your employer go to monitor your activity on a device that you purchased and use for your own personal communications? It’s TBD.
If your employer is intercepting or accessing your communications on your personal electronic device and you haven’t given them authorization to do so, then there is a risk that activity is going to violate the law.
6. Civil servants have protections that private employees do not.
Since their employer happens to be the government, public employees are protected from intrusion in many cases where private employees are not. Specifically, public employees would have the protection, which “protects a person from ‘unreasonable searches’ of their ‘persons, houses, papers, and effects,’ and also limits public employers to only ‘reasonable searches’ of the digital communications of their employees.
Of course, what counts as “reasonable” varies a lot by the kind of civil servants work setting. But for those of us employed in the private sector this just doesn’t apply.
[Source] of this text.