IG & Data Protection Blog
Latest articles on information governance, UK GDPR, NHS DSPT, and data protection from Infinitic Consultancy.
-
AI Systems & Individual Rights UK: Navigating GDPR Compliance
4 April 2026
A recent ICO survey revealed 60% of UK adults are concerned about AI's use of their personal data. This guide helps UK businesses design AI …
-
7 Essential Steps for Effective ICO Audit Preparation
4 April 2026
Prepare for an ICO audit with confidence. This guide provides 7 essential steps, from documentation review to readiness drills, ensuring you…
-
3 Ways to Manage UK GDPR Processor Risk Effectively
31 March 2026
Discover three practical and proportionate ways to manage UK GDPR processor risk, safeguarding personal data and maintaining compliance in y…
-
How to Write Your DSPT Information Security Policy in 6 Steps
21 March 2026
Many organisations dread policy writing, but an effective Information Security Policy is crucial for DSPT compliance. This guide breaks down…
-
How to Get Your Organisation Cyber Essentials Certified: An IG Perspective
21 March 2026
Discover how to achieve Cyber Essentials certification UK, linking its five controls to robust information governance and UK GDPR compliance…
-
How to Conduct a Data Breach Risk Assessment in 5 Steps
15 March 2026
Demystify data breach risk assessment under UK GDPR with our practical, step-by-step guide, focusing on likelihood, impact, and actionable m…
-
How to Conduct a Data Protection Impact Assessment (DPIA) for NHS Organisations in 5 Steps
15 March 2026
Navigating DPIA NHS requirements can feel daunting. This practical guide outlines 5 clear steps for healthcare organisations to conduct a Da…
-
Nuisance Calls and the High Price of Complacency: What the £225,000 ICO Fines Mean for Your Business
12 March 2026
Recent ICO fines highlight a critical business risk: treating the Data Protection Impact Assessment (DPIA) as a mere formality. This guide e…
-
How to Map Your Organisation's Data Flows in 4 Simple Steps
9 March 2026
Feeling overwhelmed by UK GDPR? Discover how data flow mapping clarifies where personal data goes, helping you protect individuals and demon…
-
5 Critical Questions for Patient Data Sharing UK Compliance
9 March 2026
Navigating patient data sharing in the UK requires careful consideration. This guide outlines five essential questions to ensure your practi…
-
Why Your DSPT Evidence Checklist Isn't Your Improvement Plan
8 March 2026
Many organisations mistake a DSPT evidence checklist for a strategic improvement plan, but true compliance requires more than just ticking b…
-
How to Write a UK GDPR Privacy Notice People Actually Read
7 March 2026
Discover practical steps to create a UK GDPR-compliant privacy notice that is clear, accessible, and builds trust with your audience, moving…
-
How to Implement a Clear Desk and Clean Screen Policy That Staff Follow in 5 Steps
7 March 2026
Discover practical steps to implement an effective clear desk and clean screen policy, ensuring staff adherence, protecting sensitive data, …
-
3 Ways to Boost Staff Compliance with UK IG Policies
7 March 2026
Discover three practical, risk-based ways to genuinely improve staff adherence to Information Governance (IG) policies in your UK organisati…
-
How to Effectively Update Your Information Asset Register for UK GDPR Compliance
7 March 2026
Discover how to regularly update your Information Asset Register (IAR) in 6 practical steps, ensuring robust UK GDPR compliance and proactiv…
-
How to Handle a UK GDPR Subject Access Request in 7 Steps
7 March 2026
Many organisations mistakenly view a Subject Access Request (SAR) as a bureaucratic hurdle. This guide provides a practical, step-by-step ap…
-
Designing Effective UK Privacy Notices: Beyond Tick-Box Compliance
7 March 2026
Discover how to design UK GDPR privacy notices that truly inform and build trust, moving past generic templates to reflect your real-world d…
-
The DSPT submission deadline: Why Starting Your DSPT in May is a Risk
2 March 2026
Discover why leaving your DSPT submission to the last minute is a critical business risk, not just an administrative lapse. Learn how to avo…
-
3 Reasons Support Organisations Struggle to Complete the NHS DSPT (And How to Fix Them)
2 March 2026
Discover the three most common reasons support organisations struggle with the NHS DSPT and learn practical, risk-based steps to achieve com…
-
Reddit ICO Fine: Why ‘Self-Declaration’ of Age is no Longer Enough
28 February 2026
A landmark £14.47m ICO fine against Reddit has confirmed that relying on users to self-declare their age is no longer a defensible strategy …