Defines the right to make representations at a confirmation hearing where a fine has been levied by the Office of Data Protection Commission.  Such representations can be made even in the event that an appeal [...]

By |2018-11-22T14:22:25+00:00November 22nd, 2018|


There are three types of risk.  High, medium and low.  These refer to the risk of damage or prejudice arising to an individual (or individuals) in the event of a data breach.

By |2018-11-22T14:22:11+00:00November 22nd, 2018|


All individuals shall have a right to an effective judicial remedy where one considers their rights under the regulations have been infringed as a result of the processing of their personal data or non-compliance with [...]

By |2018-11-22T14:21:58+00:00November 22nd, 2018|


Redactions are where information is deleted from data to be provided (usually by way of black marker).  In the event that redactions are required (such as third party personal details information etc.) then a statement [...]

By |2018-11-22T14:21:45+00:00November 22nd, 2018|


A refusal to provide data access on foot of a subject access request.  A notification for refusal should issue with a statement of reasons for refusal and an indication that a complaint may be registered [...]

By |2018-11-22T14:21:31+00:00November 22nd, 2018|

Regulatory Guidance

Sources of regulatory guidance include (but are not limited to) Data Protection Commission Guidance on Access Rights and Responsibilities (published in April 2017).

By |2018-11-22T14:21:17+00:00November 22nd, 2018|