Sign-in Help

Data breaches, sanctions and enforcement

Featured guidance

The General Data Protection Regulation (GDPR)
Data breaches, sanctions and enforcement guidance:
Cybersecurity breach notification requirements

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU laws, including...

Practice Note
Data protection principles under the GDPR

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU law. During this...

Practice Note
EU and EEA data protection supervisory authorities

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU law. During this...

Practice Note
GDPR compliance—managing personal data breaches

Brexit: As of exit day (31 January 2020), the UK is no longer an EU Member State, but it has entered an implementation period during which it continues to be treated by...

Practice Note
GDPR enforcement by UK and EEA supervisory authorities—tracker

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU law. During this...

Practice Note
ICO enforcement—database

This database sets out details of recent enforcement actions taken by the Information Commissioner's Office (ICO). It is accessible by clicking on the link below: ICO...

Practice Note
Letter notifying data subject of data breach under PECR 2003

Produced in partnership with Pritchetts Law Letter notifying data subject of data breach under the Privacy and Electronic Communications Regulations 2003, SI 2003/2426...

Precedents
Non-Data Protection Act offences involving the misuse of data

The Data Protection Act 2018 (DPA 2018) creates a number of criminal offences relating to the misuse of personal data in the UK. For information on these specific...

Practice Note
Offences under the Data Protection Act 2018

The Data Protection Act 2018 (DPA 2018) received Royal Assent on 23 May 2018. The DPA 2018 puts the UK in a position to continue to share personal data with other EU...

Practice Note
Sanctions and enforcement under the GDPR

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU law. During this...

Practice Note
The General Data Protection Regulation (GDPR)

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU law. During this...

Practice Note
The Information Commissioner’s Office (ICO)

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU law. During this...

Practice Note
The Network and Information Systems Directive—timeline

This timeline sets out key dates and information relating to the Network and Information Systems Directive (NIS Directive), Directive (EU) 2016/1148, also known as the...

Practice Note
The Network and Information Systems Regulations 2018

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU laws, including...

Practice Note
Trending Topics
In-House COVID-19