Call us at: +44 1772 217800 +353 01 554 9700 +1 303 317 5998

Blog

The GDPRLocal blog offers concise guidance on GDPR compliance, data protection, and information security. It covers topics like creating effective data protection policies, implementing frameworks, and understanding the EU AI Act. This resource is tailored for organizations looking to strengthen their data protection strategies and stay updated on regulatory requirements in the EU and UK.

Data Protection

Notifiable Data Breaches and the Intricacies of Breach Reporting

Security incidents may vary from minor technical anomalies to those that warrant a more serious approach. Where a security incident involves the accidental or unlawful…

Read blog
Notifiable Data Breaches and the Intricacies of Breach Reporting
10 years GDPR A Decade of Europe's Top Privacy Law
GDPR

10 years GDPR: A Decade of Europe’s Top Privacy Law

The GDPR turns 10 in 2026. Over the past decade, EU data protection authorities have issued more than €8 billion in fines, and over 700,000…
€31.8 Million GDPR Fine for an Insider Breach
Data Protection

€31.8 Million GDPR Fine for an Insider Breach That Ran Undetected for Two Years

On 30 March 2026, Italy’s data protection authority, the Garante della Privacy, issued a €31.8 million GDPR fine against one of the country’s largest financial…
CRM Data Retention Compliant Customer Data Management
Data Protection

CRM Data Retention: GDPR-Compliant Data Management

The storage limitation principle under GDPR Article 5(1)(e) requires that personal data be kept only for as long as necessary for the purposes for which…
A GDPR Transparency Lesson
Data Protection

The Odido Case: A GDPR Transparency Lesson 

The Dutch telecom provider Odido forwarded personal data from customers’ home routers to Lifemote, an American AI company, without clearly disclosing this in its privacy…
US State-Level Data Protection Requirements
Data Protection

Data Security by State: American State-Level Data Protection Requirements

Data security requirements in the United States vary significantly from one state to another, with no single federal law establishing uniform standards for how businesses…
GDPR US Equivalent What American Businesses Need to Know
GDPR

GDPR US Equivalent: What American Businesses Need to Know

The United States doesn’t have a single, all-encompassing privacy law like the GDPR, but that doesn’t mean American businesses are off the hook when it…
Invasion of Privacy Laws in the UK Rights, Regulations, and Protections
Data Protection

Invasion of Privacy Laws in the UK: Rights, Regulations, and Protections

Invasion of privacy occurs when someone unlawfully intrudes into another person’s private life, potentially causing harm or emotional distress. In the UK, privacy is protected…
What HIPAA Protects A Guide To Protected Health Information
HIPAA

What HIPAA Protects: Understanding Protected Health Information

Protected Health Information (PHI) is at the heart of patient privacy, and understanding what HIPAA protects is essential for healthcare organisations and their partners.  This…
HIPAA Compliance Checklist Important Requirements for 2026
HIPAA

HIPAA Compliance Checklist: Important Requirements for 2026

A HIPAA compliance checklist is a structured document that helps organisations systematically verify they meet all requirements of the Health Insurance Portability and Accountability Act. …
HIPAA Compliance for IT Teams Compliance Guide
HIPAA

HIPAA Compliance for IT Teams: Technical Safeguards, Risk Management, and ePHI Security

IT teams in healthcare face a direct responsibility: protect electronic protected health information (ePHI) across every system, database, and network under their control. The HIPAA…
GDPR for KYC Platforms Compliance Framework
GDPR

GDPR for KYC Platforms: Compliance Framework for Financial Institutions

GDPR for KYC platforms represents one of the most complex intersections in financial regulation, where data protection laws collide with anti-money laundering requirements. The General…
GDPR for Wearable Technology What You Need To Know
GDPR

GDPR for Wearable Technology: Compliance Guide

Introduction The General Data Protection Regulation (GDPR) applies to all wearable devices that collect personal data of individuals in the EU. Health and fitness data…
Show more posts