Data Classification and Labeling

As organisations increasingly operate in digital environments, they are creating and handling ever-increasing volumes of sensitive data, including customer information, employee records and confidential business data. This will also include personal data, a special category that carries additional legal protections and obligations. A robust data classification and labelling process is therefore essential for managing information security and meeting these legal and regulatory obligations. What is Data Classification? Data classification involves categorising data based on its sensitivity and potential impact if compromised. Examples include: ...

2 min

Data Loss Prevention (DLP)

Data loss prevention (DLP) helps organisations protect sensitive information from loss, misuse, or unauthorised access. DLP is a strategy and set of tools designed to prevent sensitive information from leaving an organisation’s control or being accessed by unauthorised users. It works by identifying, monitoring, and protecting data in three states: when it’s being used, when it’s being transferred (such as over a network or email), and when it’s stored on devices or servers. DLP tools use content inspection and security analysis to achieve this. ...

1 min

Data Privacy

What is data privacy? Data privacy refers to the proper handling, processing, storage, and use of personal information to protect the confidentiality and integrity of individual’s data. It ensures that personal information is not only secured, but also remains accurate, and is only used for its intended use. Data privacy encompasses the policies, procedures and practices that organisations adopt to ensure personal data is collected, used, and shared in a lawful and transparent manner. These practices must comply with legal obligations such as GDPR and other application data protection laws, and must extend beyond the organisation itself to include third-party vendors such as data processors who may also be handling the data. ...

2 min

Data Protection

Data protection refers to the practices, safeguards, and rules put in place to protect personal information and ensure that individuals’ privacy rights are respected. Data protection procedures in an organisation will involve the secure handling of data to prevent unauthorised access, disclosure, alteration, or destruction. Effective data protection measures are essential for maintaining trust, and for compliance with legal and regulatory requirements. Related pages Data privacy Data classification Data disposal Worldwide data transfer Data controller Data processor Data subject rights Data breach

1 min

Data Subject

A data subject is an individual (natural person) whose personal data is collected, held, or processed by an organisation. Under GDPR and other related laws, data subjects have specific rights regarding their personal data, including the right to access, correct, and request the deletion of their data. Further reading Data Subject Definition in the GDPR act Related pages GDPR

1 min