• PPP Management

Thursday Thoughts - Last Thursday Thoughts for June!

Opening businesses up again under the new “”Covid Safe” regime has been a tremendous burden for businesses. Not only is the need for significant expense purchasing PPE and protection for staff there is the requirement to produce risk assessments and now a data collection role as well. With this new data collection role businesses are rightly concerned about data breaches. I have therefore included some guidance (from my recent book) on what to do if you do experience a breach. Did you know you have only a 72-hour window in which you must have informed the ICO if there is a risk to someone’s rights and freedoms?

While we are talking about data did you know TikTok collects rafts of data about you? I was shocked to read just how much they collect about their users, their device and contacts. I did not expect them to collect information about phone hardware, delete apps and home Wi-Fi access point names.

This week there was troubling news that only 40% of people in the UK have separate passwords for their financial accounts. Remember use 3 random words and have completely different passwords for banking! There has been an update to the ICO Q&A section as a response to questions on heath and social care responsibilities.

My “Blogs of the week” Springboard Consultancy - Improvise Adapt and Overcome

Altrincham HQ - A Perfect LinkedIn Post – does it really exist?

Maeri Howard – Blogging Guide

Informed Solutions - Reimagining Education in an Unsteady State

Hospitality businesses - track and trace and risk assessments

Many in the hospitality industry are particularly worried about collecting data on their customers so that they can be traced in the event of a local COVID19 outbreak. There is also a significant H&S burden on them with the need to conduct COVID risk assessments in order to demonstrate that they are “COVID SAFE”. Following my free on line Clinic this week where I was able to offer honest advice and practical hints to the hospitality sector (sometimes being both GDPR and IOSH trained is a benefit), I will be conducting more sessions next week on a 1:1 basis. It is still possible to book a session via the contact form on our website.

Health and social care, COVID and consent

The ICO has developed a list of Q&As for health and social care organisations. Providing answers to questions such as “If someone is unwell and unable to give their consent to having their data shared, can their data still be shared anyway by a health or social care professional” (the answer is Yes – because data protection is not a barrier to data sharing, as long as you take a fair and proportionate approach). The answers can be found here: https://ico.org.uk/global/data-protection-and-coronavirus-information-hub/data-protection-and-coronavirus/health-social-care-organisations-and-coronavirus-what-you-need-to-know?utm_source=linkedin&utm_medium=information%20commissioner%27s%20office&utm_term=109b23e7-c52a-42e3-9f29-ca4da3677794&utm_content=&utm_campaign=

Dealing with a data breach – You have 72 hours

There have been lots of examples in the media recently of data breaches and they say that one in every four organisations will experience a data breach of some sort at some time. It is therefore sensible to make sure your organisation has a system in place to deal with a data breach should one occur. This important more than ever now if you are likely to be holding more information about your customers as a result of your track and trace responsibilities.

A data breach occurs when someone’s personal data is accessed, extracted or altered by someone who should not have access to it. This can be through human or system errors or indeed through genuine error, system or affected in an unauthorised manner.

The best thing to do is to take a proactive approach. Everyone should understand what to do and who to report to if you suffer a breach. It may be appropriate to appoint a Data Protection Officer to act as a focus for Data Protection Issues. They will help you to identify your data breach risks and to you understand how a breach would impact your organisation.

The key is to react quickly (you have 72 hours).

· Establish what happened.

· Put in place steps to stop any more breaches continuing from this source.

· Investigate the problem and decide if there is a risk to someone’s rights and freedoms.

o If there is you must notify the ICO using their Personal Data Breach form

o You will also need to inform the data subject as soon as possible

Whatever happens you should log the incident and put measures in place to address the breach and prevent it from happening again. You can read more in chapter 10 of my book GDPR: A Game of Snakes and Ladders.

What password do you use for banking?

According to a recent study only 40% of people in the UK have separate passwords for their financial accounts. Just over 20% of UK citizens only use between 2-5 passwords, which are then re-used for their financial accounts. With the sharing of passwords and emails on the dark web this could leave you open to fraud. If you haven’t taken the opportunity to change your passwords for banking I would do so now. If you are concerned that your account has been tampered with then you can check by putting the email address into https://haveibeenpwned.com/. You will receive a message almost instantly that says either “now pwange found” or gives you a list of which of your accounts have been shared on the dark web. You can read more here: https://www.ncsc.gov.uk/report/weekly-threat-report-19th-june-2020

Spotify, Warner Bros and DC deal

Spotify, Warner Bros and DC have announced a multi-year deal to produce and distribute new podcasts based on the characters and stories in their catalogues. This will be one to watch out for as much-loved characters are brought back to life in podcast form.

US law-enforcement-data-breach

Hacktivists have leaked 269 GB of data allegedly stolen from more than 200 police departments and law enforcement agencies across the United States. You can read more here: https://thehackernews.com/2020/06/law-enforcement-data-breach.html

Has your app has been reading your clipboard?

There has been anger amongst when it was revealed that TikTok and a number of other apps (AccuWeather, Overstock, AliExpress, Call of Duty Mobile, Patreon and Google News) have been able to read the contents of users' clipboards whenever they were open on screen. You can read more here: https://www.telegraph.co.uk/technology/2020/06/25/tiktok-stop-snooping-users-clipboards-iphone-update-shows-app/

Apple intend to disable this with IOS 14 which you can read more about here: https://www.macrumors.com/2020/06/22/ios-14-phone-calls-user-interface/

TikTok and your data

If you are not concerned about TikTok’s intrusive user tracking app then perhaps you should be. They apparently use every method that they can to get your data. They also make it incredibly hard for you to find out what they collect and even harder for you to opt out of each form of tracking.

According to reports the information they collect includes:

· Information about you (e.g. name, DOB, email address you use to reset your password)

· Information about your contacts

· information about your device including phone hardware, memory use, disk space, cpu details, other apps you have and apps you have deleted, GPS data about you and pretty much everything about your network including your home Wi-Fi access point name.

You can read more here: https://www.boredpanda.com/tik-tok-reverse-engineered-data-information-collecting/?utm_source=linkedin&utm_medium=social&utm_campaign=organic

US law-enforcement-data-breach

Hacktivists have leaked 269 GB of data allegedly stolen from more than 200 police departments and law enforcement agencies across the United States. You can read more here: https://thehackernews.com/2020/06/law-enforcement-data-breach.html

Australia targeted by 'sophisticated' cyber attack

The Australian Prime Minister announced that the frequency of sophisticated state sponsored cyberattacks has "increased" over many months. While he stopped short of naming the country responsible he did say “there are not a large number of state-based actors that can engage in this type of activity."

Why people become internet trolls

With twitter taking down tweets and accounts the focus this week has been on how pleasant or otherwise people are in their on line interactions. The “anonymity” afforded by the lack of personal contact can cause some people to act in an extreme way. I was interested to read the One Zero article which discusses a link between trollish behaviour and a set of personality traits called “the dark tetrad.” You can read the full article here: https://onezero.medium.com/why-people-become-internet-trolls-4dbffaeaa74f

Blogs of the week

Improvise Adapt and Overcome

I came across this Springboard Consultancy blog this week. The title ‘improvise, adapt and overcome!’ was of course going to attract me given my military background. At the moment all of our routines are upset, everything is worrying or uncertain and we have been living so closely with our nearest and dearest that it is a surprise that less of us have been driven mad! Springboard’s blog about how to approach the times we are living in can be found here: https://springboardconsultancy.com/2020/03/19/improvise-adapt-and-overcome/

Altrincham HQ - A Perfect LinkedIn Post – does it really exist?

I was interested to read Alex’s take on whether it is possible to achieve perfection in Social Media posts. Does striving for perfection both encourage some people to be better while at the same time hold others back from posting. Alex McCann describes the anatomy of the perfect social media post. It is truly though provoking. You can read the blog here: https://altrinchamhq.co.uk/the-anatomy-of-a-perfect-linkedin-post/

Maeri Howard – Blogging Guides

I am always open to new ideas and this week I found a whole blog on how to write blogs! Maeri Howard has collected together a number of blogs. There are helpful how-to videos, including one on what platform she uses when she has an image for a newsletter, blog post or social media update (Canva). If you want blog “better” then Maeri has comments on some of the best products on the market such as Canva, Storeo, tailwind, Grammarly. You will find the blogs in the blogging tab here: https://maerihoward.com/resources/

Informed Solutions - Reimagining Education in an Unsteady State

Covid caused a rapid closure of schools and a move to online and virtual lessons with no time for planning or a strategy to be developed. In the Informed solutions blog (which appeared in Education Technology Magazine in June) I was pleased to see a discussion on the need “to re-evaluate what students of all ages require from educators and how educators need to shape efforts for greater elements of online learning.” In particular the blog focusses on User Centred Design, critical soft skills, the need for continued investment in technology-enhanced learning and greater support for teachers. You can read the blog here: https://www.informed.com/uk/blog/2020/june-2020/reimagining-education-in-an-unsteady-state/

15 views0 comments

Contact Us 

Got a query? Get in touch with us 

Find Out More 

Learn more about what we can do for you

  • Twitter Clean
  • Blogger Clean
  • LinkedIn Clean

​© The Copper Room, Deva Centre, Trinity Way, Manchester, M3 7BG Telephone 0161 608 0000. Registered in England and Wales 8719380.