ISO 27001 Controls: A Comprehensive Step-by-Step Guide

Organisations in today’s technology-filled world require a good information security setup, and that is exactly what ISO 27001 provides. The ISO 27001 controls are comprehensive policies, procedures, and techniques designed to protect information assets. Understanding and implementing these controls is not just about compliance; it is about building a resilient Information Security Management […]

Comparing Information Security Frameworks and Data Protection Frameworks

With cyber threats evolving at an unprecedented rate and regulations tightening globally, understanding and implementing information security and data protection frameworks is more crucial than ever. Not only do they provide a structured approach to managing and mitigating risks, but they also help in achieving compliance with laws like HIPAA in healthcare, thereby safeguarding sensitive […]

ISO 27001:2022 Compliance – Navigating Mandatory Documentation and Awareness

Adhering to recognized standards is vital for safeguarding sensitive data and ensuring organisational resilience. Among these standards, ISO 27001:2022 stands out for its comprehensive framework for Information Security Management Systems (ISMS). Central to achieving ISO 27001 compliance are mandatory documentation and awareness, key components that lay the groundwork for effective security measures. Let’s delve into […]

How to Manage Personal Information Access Requests under PIPEDA

PIPEDA, as a cornerstone of Canadian privacy law, grants individuals critical rights over their personal information. Two key rights are the right to access their data and the right to correct any inaccuracies. For organizations, adhering to these regulations is not just a legal obligation; it’s a fundamental step in building trust and transparency with individuals. […]

ISO 27002: A Comprehensive Guide to Information Security Controls

Data breaches are becoming increasingly prevalent, and organizations must prioritize information security to safeguard their sensitive information and protect their stakeholders. One internationally recognized standard that assists organizations in establishing robust information security practices is ISO 27002. In this comprehensive guide, we will explore the intricacies of ISO 27002, its purpose, importance, and how […]

Legal and Privacy Challenges of Data Scraping in the Digital Age

Data Scraping – beyond the familiar term, what secrets does it hold? Throughout this insightful blog, Marin Milenkoski explores the complex world of data scraping and examines the legal and privacy aspects of gathering publicly available information, a practice that is widely used, but often misunderstood. Data scraping, also known as data harvesting, can be […]

ICO consultation on draft employment practices guidance – information about workers’ health

The Information Commissioner’s Office (ICO) is producing an online resource with topic-specific guidance on employment practices and data protection. We are releasing our drafts of the different topic areas in stages and adding to the resource over time. A draft of the guidance on handling information about workers’ health is now out for public consultation. […]

Do you know how to recognize a SAR?

Under the GDPR, there are certain rights that data subjects can obtain. One of these rights is the Right to Access. The right of access, commonly referred to as subject access, gives individuals the right to obtain a copy of their personal data, as well as other supplementary information. It helps individuals to […]

Are you aware of holding sensitive data?

Sensitive data is information that must be protected against unauthorized access. Access to sensitive data should be limited through sufficient data security and information security practices designed to prevent unauthorized disclosure and data breaches. Your organization may have to protect sensitive data for ethical or legal requirements, personal privacy, regulatory reasons, trade secrets and other […]

How to create a perfect Privacy policy 

One of the most important documents under the GDPR, and one your company needs to give special focus to, is the privacy policy. You must make sure your privacy policy is GDPR compliant and provides all the information that is required. Here at GDPR Local we help you achieve this, and we share you […]
