Regulatory Developments

Last updated:

3 months 2 weeks ago

Blog Manager

One of Jisc’s activities is to monitor and, where possible, influence regulatory developments that affect us and our customer universities, colleges and schools as operators of large computer networks. Since Janet and its customer networks are classified by Ofcom as private networks, postings here are likely to concentrate on the regulation of those networks.

Postings here are, to the best of our knowledge, accurate on the date they are made, but may well become out of date or unreliable at unpredictable times thereafter. Before taking action that may have legal consequences, you should talk to your own lawyers.

NEW: To help navigate the many posts on the General Data Protection Regulation, I've classified them as most relevant to developing a GDPR compliance process, GDPR's effect on specific topics, or how the GDPR is being developed. Or you can just use my free GDPR project plan.

Download as PDF

Blog Document

Revised DPIA cribsheet

Shortly after we did out first Data Protection Impact Assessments, on the Janet Security Operations Centre and the Jisc Learning Analytics Service, the ICO published its

Data Protection Regulation

Data Protection Impact Assessment

31 January 2019 at 3:03pm

Andrew Cormack

Blog Document

DPIAs: First Attempts

Article 35 of the General Data Protection Regulation introduces a requirement to conduct a formal Data Protection Impact Assessment (DPIA) for any processing that may involve a high risk to individuals. The Article 29 Working Party’s DPIA guidance contains a helpful list of nine factors that may give rise to a high risk. Any activity involving two or more factors is likely to require a DPIA.

Data Protection Regulation

GDPRtopics

Data Protection Impact Assessment

2 May 2018 at 11:48am

Andrew Cormack