The #MeToo movement started off with a simple tweet on Sunday night, October 15th 2017, by activist and actress Alyssa Milano. Lying in bed next to her daughter, she saw a post by a friend online saying, “If all the women who have been sexually harassed or assaulted wrote ‘Me too’ as a status, we might give people a sense of the magnitude of the problem”. No one could have predicted the light a single match in the dark would create when Mrs. Milano tweeted it. By the time she awoke Monday morning the tweet had garnered over 30,000 replies and by Monday evening it had surpassed 53,000 comments, including stories from other celebrities, women and men alike.
A brief guide to avoiding bribery
Gifts and donations are often a part of business, whether as a cultural norm or to celebrate a completed negotiation. However, there are certain instances in which it is important to be vigilant about the circumstances behind donations, as they may be attempts to bribe. Here is a short guide to spotting potential red flags and avoiding bribery.
Charitable or political donations can be viewed as attempts at bribery if there is something unusual about the inherent qualities or timing of the donation. Bribery is not always a mutual arrangement, and the donee may not know that a bribe is occurring. When receiving gifts and donations it is important to be vigilant, as some types may be seen as improper.
On 25 May 2018 the long-awaited GDPR came into force across the EU. On the same day, the UK’s Data Protection Act 2018 also became law. While the DPA 2018 incorporates large chunks of GDPR wholesale, it also carved out some specific exemptions that UK businesses need to know about.
In our webinar on understanding the Data Protection Act 2018, VinciWorks’ GDPR experts Nick Henderson and Gary Yantin explored the newly enacted DPA 2018 and the key differences and derogations from GDPR you need to know about. These include:
- The interconnected relationship between GDPR and the DPA
- The powers and role of the ICO
- How Brexit will affect data protection law
- Using automated decision making and customer profiling
- How to process criminal offence data in the UK
- The new criminal offences in the UK
Over the weeks leading up to the General Data Protection Regulation (GDPR) coming into force, VinciWorks has hosted a number of webinars on the topic, answering hundreds of questions in the process. You can get instant access to all our GDPR webinar recordings by clicking on the links below.
Understanding the Data Protection Act 2018
In our webinar on understanding the Data Protection Act 2018, VinciWorks’ GDPR experts Nick Henderson and Gary Yantin explored the newly enacted DPA 2018 and the key differences and derogations from GDPR you need to know about.
Full-day GDPR webinar
On 24 May, the day prior to GDPR coming into force, VinciWorks hosted a full-day webinar including live Q&As, interviews with GDPR experts and helpful advice on complying with the new regulation.
Watch full webcast
GDPR – Data Protection Impact Assessments
During this webinar, Nick guided listeners through the process of conducting a DPIA. He also answered questions on the topic of DPIAs and gave guidance on next steps to those who have already begun the process.
What is the consolidated sanctions list?
The consolidated list is a list of financial sanctions targets in the United Kingdom. If you are doing business with an individual or company associated with a person on this list, even if it is just a target match, you must report it to the Office of Financial Sanctions Implementation (OFSI). The guidance given in this blog has been taken from VinciWorks’ e-learning course on sanctions regulations.
What is a target match?
A target match occurs when the individual in question matches information that is included on the consolidated list. This means there is either a name match, close name match, similar date of birth, or other information that may lead you to conclude the individual and the person on the list are the same. When in doubt, you can contact the OFSI for assistance.
Now that GDPR (General Data Protection Regulation) day has passed, the role of human resources officers within an organization has become even more significant. With the new regulations now in place, it is important for individuals working in HR to be aware of the new laws and standards for employee data protection in their area. VinciWorks’ guide to GDPR compliance for human resources staff will give you a clearer understanding and general knowledge of what is required.
The month of October saw an alarming number of allegations of sexual harassment. These include the demise of Hollywood film producer Harvey Weinstein, Netflix cutting ties with actor Kevin Spacey and the spread of allegations to Westminster.
With a BBC survey finding half of women in the UK and a fifth of men have been sexually harassed at work or at a place of study, it is clear managers must promote a culture whereby staff can bring up any concerns of sexual harassment in the knowledge that they will be heard and dealt with.
A knowledge check is a short course that helps users refresh their knowledge on key compliance topics.
When it comes to compliance training, ensuring your staff trains on the topics most relevant to both your organisation’s needs and their role can be a challenge. For example, when carrying out GDPR training, those in marketing will need training that focusses on processing data and dealing with subject access requests. IT professionals, on the other hand, need to focus on data security and technical measures. While our modular GDPR training is fully customisable and can be configured into over 1,000 versions, customised refresher training is also a key part of ensuring the knowledge has not been forgotten.
VinciWorks has therefore created a tool that allows businesses to create a short course, known as a knowledge check, from scratch that can be rolled out to their whole staff, specific departments or a member of staff in a particular role.
Internet technology departments are extremely valuable when it comes to data protection compliance for an organisation. GDPR (General Data Protection Regulation) ensures that consumer and employee data is more secure than ever. What does that mean for the IT department? They must be careful when collecting and analysing information online. Any information collected that can be used to distinguish one individual from another is personal data.
To help organisations and IT departments understand what is required from them, VinciWorks has published a host of data protection resources including one specific to internet technology as well as many others. Understanding how to safely and securely collect and analyse data will ensure you meet all compliance guidelines as well as keep your consumers and employees protected.
When your organisation uses third parties, it is essential to carry out your own due diligence, proportionate to the risk posed by the relationship. With businesses and partnerships around the world growing, it is essential to make sure all your relationships and third parties are legal and legitimate. VinciWorks’ guide to risk-based third-party due diligence will give you a clearer understanding of how to conduct a detailed and genuine risk assessment.