Defines the right to make representations at a confirmation hearing where a fine has been levied by the Office of Data Protection Commission. Such representations can be made even in the event that an appeal [...]
There are three types of risk. High, medium and low. These refer to the risk of damage or prejudice arising to an individual (or individuals) in the event of a data breach.
All individuals shall have a right to an effective judicial remedy where one considers their rights under the regulations have been infringed as a result of the processing of their personal data or non-compliance with [...]
Redactions are where information is deleted from data to be provided (usually by way of black marker). In the event that redactions are required (such as third party personal details information etc.) then a statement [...]
A refusal to provide data access on foot of a subject access request. A notification for refusal should issue with a statement of reasons for refusal and an indication that a complaint may be registered [...]
Sources of regulatory guidance include (but are not limited to) Data Protection Commission Guidance on Access Rights and Responsibilities (published in April 2017).