Interesting Articles

GDPR and DPO Training

The GDPR and the Data Protection Act 2018 require organisations to ensure staff are aware of their own and the organisation's responsibility in respect of data protection. Other regulatory organisations including PCI DSS, BSI and the FCA also mandate training and awareness for staff.

We believe that face-to-face training and awareness is highly effective as it provides staff with the opportunity to raise questions and discuss data protection issues relating to their organisation. It also establishes an ongoing relationship between our trainers and your staff should they wish to ask further questions post-training.

On October 3rd, 2019 Information Governance and IT professionals from the North East, North West of England and Scotland gathered for the launch of the Northern Information Governance Forum at the prestigious Head Office of Virgin Money in Newcastle.

The event was opened by Mark Dennis, Managing Director of Evolve North (one of the sponsors of the event) who introduced the forum as ‘a self help group for Data Protection and Cyber Security folks’. Mark stressed that the NIGF requires support from all of us, nothing is set in stone and its ownership is all of us. Mark thanked the additional sponsors of the launch event including; Virgin Money, Online Systems, and NGI. 

Industry - Data Protection

The Information Commissioner’s Office has recently reiterated its message to businesses to “prepare for all scenarios” in light of the possibility that the UK leaves the European Union with no deal.

Personal information has been able to flow freely between organisations in the UK and EEA without any specific measures due to the fact that there is a common set of rules for processing data under the EU General Data Protection Regulation. This two-way free flow of personal information will no longer be the case if the UK leaves the EU without any additional agreement that specifically provides for the continued flow of personal data.

Regardless of Brexit, businesses will need to consider if they are currently transferring personal data to countries outside the EU, but Brexit brings in the additional complication that once the UK leaves Europe, additional measures will be needed to assure data transfers into the UK.

Hospitality PCI

Evolve North has worked on PCI projects for over 8 years, predominantly in the hospitality industry but also in other sectors such as transportation, housing associations and political parties. We specialise in helping clients reach compliance with the PCI DSS.

In a nutshell, we take clients through the minefield of completing the SAQ and ensuring the are operating in a compliant manner.

“We were recommended to use Evolve North to help us with our PCI DSS compliance.  Not knowing where to start but knowing we needed to start, Evolve North held our hand through the process making it less daunting and breaking it down into achievable segments.  They helped by assisting us with information governance, advising us on the best technical implementation and best practices and where best to prioritise our efforts to achieve maximum coverage.

They specifically helped guide me to achieve the PCI ISA qualification, which then enables our group to complete our own PCI SAQ.  

With Evolve North we held regular meetings to ensure we stayed focused and ‘on track’ and knowing they were also available at the end of a phone to answer those ‘quick’ questions when required was also comforting.    All through the process, I found Evolve North easy to work with and knowledgeable on all areas of compliance from PCI DSS to Data Protection”.  

- Kate Banks, Compliance Officer, Village Hotel Club