Learning from the British Airways and Marriott International fines: What does the GDPR standard of “Appropriate Technical and Organisational Measures” actually mean? Part 2 – Ashley Hurst and Nina Lazic

30 08 2019

The first part of this article detailed the baseline technical measures that companies should be taking in order to remain GDPR compliant. Alongside these technical measures, it is equally important to ensure that robust organisational measures are in place. Read the rest of this entry »





Learning from the British Airways and Marriott International fines: What does the GDPR standard of “Appropriate Technical and Organisational Measures” actually mean? Part 1 – Ashley Hurst and Nina Lazic

29 08 2019

In July 2019, the sea-change in data protection enforcement became abundantly clear when, in the space of two days, the Information Commissioner’s Office (ICO) announced its intention to fine British Airways £183.39 million and Marriott International £99.3 million in relation to their high profile data breaches. Read the rest of this entry »