Information Commissioner’s Office (ICO) announces its intention to fine British Airways for a data breach under GDPR
The ICO has just published its Notice of Intent to fine British Airways £183.39 million for infringements of the security principle of GDPR. The breach was disclosed by the airline back in September 2018.
While the ICO has merely published its intention and no actual fine has been imposed, the fact that the ICO has published a Notice of Intent suggests that it has enough evidence of the breach to keep British Airways on the hook.
The ICO’s investigation found that a variety of information was compromised by poor security arrangements at the company, including login, payment card, and travel booking details, as well as the names and addresses of customers.
The Legal Services Board (LSB) has granted all the amendments to the Standards and Regulations proposed by the Solicitors Regulation Authority (SRA). The new set of rules, which will replace the current SRA Handbook, is set to come into force on 25 November 2019.
The main changes to the previous draft Standards and Regulations concern the expectations of a COLP or COFA when disclosing a serious breach in a law firm. The changes mean that the ability to report a breach will arise much earlier than currently set out in the SRA Handbook.
The SRA Handbook is being replaced by the SRA Standards and Regulations, which will be in force from November 2019.
The new focus of the SRA Standards and Regulations is on each legal professional being able to justify their actions in all work that they carry out. For many legal professionals, including partners, managers, solicitors and support staff, this will require a significant change in approach. Legal professionals often only consider their professional obligations when a conflict of interest arises. However, the new SRA Standards and Regulations emphasise that legal professionals must be able to demonstrate compliance at all times.
To help firms prepare for the new regulations, VinciWorks will soon be releasing a suite of courses. The courses dynamically create a personalised learning experience based on an individual’s role in a law firm. This ensures everyone taking the course will learn what they need to know, and not waste time reviewing areas irrelevant to their practice.
The courses will help legal professionals, including support staff, to develop an understanding of the relevant SRA regulations which apply to their specific role in the law firm. SRA: Standards and Regulations ensures that all employees of an SRA regulated law firm who have a legal obligation to follow the SRA Standards and Regulations have sufficient knowledge to stay compliant.
“The Health and Safety at Work etc Act 1974 requires all businesses in the UK to provide whatever information, instruction, training and supervision as is necessary to ensure, so far as is reasonably practicable, the health and safety at work of employees.”
Despite the legal requirement, health and safety training has a bad reputation. Most people working in an office don’t want to do it, and won’t think about it much again. VinciWorks is currently developing a new OHS course designed to make training more engaging and relevant to the user’s workplace.
Health and Safety for Office Workers
VinciWorks’ Health and Safety for Office Workers course delivers short, interactive health and safety training units which are customised to the specific office they work in by default. Gone are the endless slides that bear little to no relevance to a person’s working environment. Health and Safety for Office Workers provides all the health and safety information in one place.
Keeping up with new regulations can be very challenging and time-consuming. Regulators expect companies to identify and react to all regulations that have an impact on their firms. This can be very tricky, but VinciWorks has your back.
To help you stay ahead of the curve, VinciWorks has published a regulatory agenda with an overview of recent changes and a regulatory horizon with topics on the agenda.
The agenda covers:
Acts of Parliament
Bills before Parliament
We have created this resource to help break down new and emerging regulations to help you and your company comply with the ever-changing laws. Feel free to Regulatory agenda for June 2019 to ensure you are up to date on the latest information on UK regulations.
Last May, the European Union created the 6th Directive on Administrative Cooperation (the “DAC6”). Under this new law, tax intermediaries are required to report certain cross-border arrangements that contain at least one of the hallmarks as defined in DAC6.
DAC6 contains five different hallmark categories that represent an indication that a transaction may have a potential risk of tax avoidance.
This blog will focus on the category E hallmarks which are classified as generic hallmarks, and may include one of the following:
13 months ago, the Economic and Financial Affairs Council of the European Union (ECOFIN) adopted the 6th Directive on Administrative Cooperation (the “DAC6”). This new directive requires tax intermediaries to report specific cross-border arrangements that contain at least one of the hallmarks that are defined in DAC6.
Within DAC6, there are five different hallmark categories that represent an indication that a transaction may have a potential risk of tax avoidance.
This blog focuses on the category D hallmarks which are classified as generic hallmarks and may include one of the following:
1. Arrangements undermining reporting obligations – This could include those arrangements undermining European Union legislation, other equivalent agreements which take advantage of the lack of legislation or agreements in place.
The Economic and Financial Affairs Council of the European Union (ECOFIN) has adopted the 6th Directive on Administrative Cooperation (“DAC6”), requiring tax intermediaries to report certain cross-border arrangements. Under DAC6, intermediaries may be required to submit all cross-border transactions and backdate them when member states publicise their requirements.
In this webinar, Legal and Research Executive Ruth Cohen and Director of Best Practice Gary Yantin helped dissect the new regulation and gave guidance on reporting and training requirements under DAC6.
“DAC6 is one of the most difficult pieces of regulation that a firm has to implement”
VinciWorks hosted a roundtable meeting with representatives from over 20 firms to discuss DAC6 and its implementation. Here are the key takeaways from the conversation.
1. Who is responsible for submitting initial DAC6 data if a transaction may be reportable?
In the pre-meeting survey, the responses showed that the main people who would potentially submit initial data would be partners, associates, or nominated jurisdiction representatives. A staggering 50% of the respondents noted that they were unsure who would submit the initial information at this stage. During the discussion it was mentioned by some firms that fee earners would be the ones who would decide if this transaction was reportable, then there would be a second level of quality check to confirm if it was a reportable transaction.
Everyone has the right to be safe and respected at work. But this does not always happen. Following the release of our story-based harassment course, VinciWorks has released a new diversity course, Diversity and Inclusion at Work: MyStory. This training sheds light on stories of discrimination all too frequently experienced by people in the workplace.
MyStory raises awareness of the prevalence and impact of discrimination. It is designed to bring to life the real impact of equality and diversity through storytelling. The user is presented with a series of short, hard-hitting personal accounts of diversity-related discrimination at work.