Category Archives: General Data Protection Regulation – GDPR

Adrian McGarry

Data Changemakers 13: Adrian McGarry, Director of IT, Licensed Trade Charity and Elvian

Posted on 31 July, 2018 by

The Data Changemakers series is a set of interviews and interactions with people who have spent their careers working in or around data and data management initiatives. They have a vision for the data journey and we want to understand what they have learnt and how that drives what...

Read more

Digital Security and Data Protection

Six tips for reviewing your system and data security

Posted on 18 July, 2018 by

System and data security are based on three things: confidentiality, integrity and availability. With the updated Data Protection act and GDPR having a huge impact on how organisations treat and manage their data, security is at the forefront of everyone’s minds. There is even more focus on the action...

Read more


Consent or legitimate interest: which option is best for your organisation?

Posted on 16 July, 2018 by

The content of this blog is provided for information purposes only and should not be relied upon as legal advice or to determine how GDPR might apply to your organisation.  One of the side effects of the implementation of GDPR was the rash of ‘repermissioning’ requests sent out by...

Read more


How good data governance enables compliance with the GDPR right of erasure

Posted on 21 June, 2018 by

One of the new provisions of GDPR is the right of erasure, also known as the right to be forgotten. Individuals can now request that you delete their personal data from your systems. You have one month to respond to this request. Someone wants their data deleted so you...

Read more

You’re not yet compliant with GDPR? Don’t panic – few people are.

Posted on 22 May, 2018 by

The GDPR enforcement date is almost upon us. Consequently, our email inboxes are packed with GDPR-related emails from all the companies we’ve ever dealt with, and the volume is rising day by day in the run up to 25 May. Many organisations are in panic mode, trying to get...

Read more

The DPIA in practice – balancing obligation with opportunity

Posted on 03 May, 2018 by

Obligation Vs Opportunity The ICO has recently issued detailed guidance on DPIAs (Data Protection Impact Assessments) during a consultation process. Included within the guidance is the list of processing operations required by art 35(4) for which it will require a DPIA to be carried out. One of those operations...

Read more

Thoughts on the general data protection regulation (GDPR)

Posted on 11 May, 2017 by

The impact of GDPR is ubiquitous in the information management industry right now. It is also the topic of many of the conversations we are having with clients. We recently undertook a piece of research (jointly with our partner Informatica) into the impact of GDPR in the public sector. This has...

Read more


A six-step action plan for EU GDPR consent mastering

Posted on 20 March, 2017 by

Why GDPR is relevant to all of us All EU citizens, as data subjects, have a vested interest in industry getting GDPR compliance right because it can impact our trust in the organisations who hold and process our most personal information. If you are a Data Controller or Data...

Read more

Delta Triangle

Why GDPR and data strategy are two sides of the same coin

Posted on 16 March, 2017 by

Crossing the GDPR data delta At Entity Group we see GDPR as an opportunity for organisations acting in the role of data controllers and data processors to build trust with data subjects (the individuals whose data they hold) to become truly customer/citizen/employee centric. All too often organisations do not...

Read more