Data Protection Commissioner
Data Protection Commissioner

Guidance Notes

Securing Cloud-based Environments
FIVE STEPS TO SECURE CLOUD-BASED ENVIRONMENTS. Cloud-Based environments offer many advantages to organisations. However, they also introduce a number of technical security risks which organisations should be aware of.
view more


05/01/2018 Guidance on "Meltdown" & "Spectre"
There has been extensive media reporting in recent days concerning a software “bug” or “flaw” in computer processors supplied by a number of hardware manufacturers, including Intel. Dubbed “Meltdown” and “Spectre”, the software “bug” or “flaw” may allow unauthorised access to devices such as personal computers, servers, tablets and mobile devices.
view more


01/12/2017 Commissioner issues Guidance on Connected Toys
 Guidance Note on Connected Toys The Commisisoner has issued guidance in relation to data protection issues that might occur when children and parents use toys with micro-phones and cameras that have an ability to connect to the internet.The toys, in particular dolls, may give the appearance of having a personality and human-like quality that appeals to children. In some instances, the toys can recognise words and react in certain ways which suggest an emotional response to what
view more


Adobe PDF format document22/12/2016 Guidance Note on Connected Toys
Guidance Note on toys that contain cameras or microphones and can connect to the Internet.
view more


30/11/2016 GDPR and You - Preparing for 2018
 The GDPR and You - Preparing for 2018  The Office of the Data Protection Commissioner has issued guidance on the General Data Protection Regulations for individuals and organisations 
view more


13/9/2016 Data Protection Office publishes Guidance on Anonymisation and Pseudonymisation
European Citizens have a fundamental right to privacy, it is important for organisations which process personal data to be cognisant of this right. When carried out effectively, anonymisation and pseudonymisation can be used to protect the privacy rights of individual data subjects and allow organisations to balance this right to privacy against their legitimate goals. 
view more


Anonymisation and pseudonymisation
   European Citizens have a fundamental right to privacy, it is important for organisations which process personal data to be cognisant of this right. When carried out effectively, anonymisation and pseudonymisation can be used to protect the privacy rights of individual data subjects and allow organisations to balance this right to privacy against their legitimate goals.
view more


Guidance Note for Data Controllers on Location Data
Location data Does your organisation want to collect or process information about the location of individuals? Read this guide to find out when this is allowed and what your obligations are when collecting or processing location data.
view more


Adobe PDF format documentCanvassing Guidelines
view more


Guidance on the use of Body Worn Cameras
Guidance on the use of Body Worn Cameras This guidance below should be read in conjunction with the guidance on CCTV systems The Data Protection Acts set out responsibilities for organisations or persons (data controllers) that hold and control the uses of information and provide rights to individuals in relation to how their information is processed. There are a number of data protection considerations to be met in relation to the use of surveillance systems.
view more


1/07/11 Commissioner launches guidance on new data protection requirements
The Data Protection Commissioner, Billy Hawkes has today launched new guidance to assist organisations to comply with new data protection requirements in relation to electronic communications and networks
view more


21/04/11 Data Protection: Charity Sector
The Office of the Data Protection Commissioner has now conducted a number of audits of charities. On foot of the inspection reports produced as a result of these audits, the Office is issuing this new guidance to all charities. The guidance focuses primarily on the use of personal data collected in conjunction with charities' fundraising activities in order to ensure
view more


Registration Guidance
Guide to registration requirements and fees applicable.
view more


DIRECT MARKETING - A GENERAL GUIDE FOR DATA CONTROLLERS
Targeted direct marketing, giving individuals information about products and services, is a perfectly legitimate activity – provided it respects the individual's right to privacy. Sending unwanted direct marketing is neither in your interests nor the interests of those receiving it.  Data protection law imposes strict obligations on the use of personal data (hyperlink) for direct marketing.  Because marketing using electronic
view more


Guidance Notes for Doctors - Applying for Registration under the Data Protection Acts 1988 and 2003
This document is intended as a guide for Doctors applying for registration as a Data Controller.
view more


Guide to On-Line Registration
Guide to completing a new registration or renewing / amending an existing registration on-line.
view more