Data Protection & GDPR

A gloved hand on a computer mouse next to a keyboard, with a patient record displayed on a hospital computer screen in the background

The NHS doesn’t have a data security problem. It has a culture problem.

The NHS doesn’t have a data security problem. It has a culture problem. This week, Cambridge University Hospitals referred itself to the Information Commissioner’s Office after it emerged that around 40 members of staff had accessed the medical records of a three-year-old boy injured in a crocodile attack. The child was treated at Addenbrooke’s following […]

The NHS doesn’t have a data security problem. It has a culture problem. Read More »

Aerial view of a stone architectural maze with a clear navy blue path marked through it, representing navigation through complex ISO standards

ISO Spaghetti: Why the Standards Landscape Is Confusing (and What to Do About It)

The five standards worth knowing about ISO Spaghetti: Why the Standards Landscape Is Confusing (and What to Do About It) I have lost count of the number of tender documents I have reviewed that specify ISO 22301 and ISO 27001 and ISO 31000, sometimes with ISO 22361 thrown in for good measure. Occasionally all four

ISO Spaghetti: Why the Standards Landscape Is Confusing (and What to Do About It) Read More »

Aerial view of a port at dusk with a network of connected transport and logistics icons overlaid, illustrating supply chain interdependency.

The cyber law your organisation probably doesn’t need to worry about — and why that might be exactly the problem

The cyber law your organisation probably doesn’t need to worry about — and why that might be exactly the problem The Cyber Security and Resilience Bill passed its third reading in the House of Commons on 16 June and arrived in the Lords the following day. If you’ve seen coverage of it, you could be

The cyber law your organisation probably doesn’t need to worry about — and why that might be exactly the problem Read More »

Teenager holding a smartphone displaying an age verification prompt — illustrating the data protection challenges of the UK social media ban for under-16s

Banning Social Media for Under-16s: The Data Protection Question Nobody’s Answering

Banning Social Media for Under-16s: The Data Protection Question Nobody’s Answering So it’s official. This morning, the Prime Minister stood in Downing Street and announced a full ban on social media for children under 16. TikTok, Instagram, Snapchat, X, YouTube, Reddit — the lot. Legislation before Christmas, enforcement potentially from Spring 2027. As a parent

Banning Social Media for Under-16s: The Data Protection Question Nobody’s Answering Read More »