Data Protection and Incident Response

Recently I was invited to give a one-hour presentation on Data Protection and Incident Response, looking at how the demands of the two fields align and support each other, and how law and guidance have come to recognise that over the past decade or so. I finished with some thoughts on areas – data collection and information sharing – where there may still need to be some work to get the compatibility of purpose fully recognised; but even here there’s good reason to be optimistic.

Incident Response and GDPR: slides

If you’d like to know more, look at the incident response tag on this blog, or read my peer-reviewed papers:




By Andrew Cormack

I'm Chief Regulatory Advisor at Jisc, responsible for keeping an eye out for places where our ideas, services and products might raise regulatory issues. My aim is to fix either the product or service, or the regulation, before there's a painful bump!

Leave a Reply

Your email address will not be published. Required fields are marked *