Cordery | News

Cordery Head to Head: Tom Fox on Investigations & Improving Your Compliance Program

November 9, 2020

In this edition of Cordery Head to Head @ Home Cordery’s Jonathan Armstrong talks to Tom Fox. Tom is one of the US’s leading compliance commentators. Tom joins us from his home in Houston, Texas. Tom has practiced law in Houston for 30 years. He is now an Independent Consultant, assisting companies with anti-corruption and Read more »

Client Alert: ICO Fines Marriott £18.4m after Data Breach

November 3, 2020

We first published this note on 30 October 2020 and we have updated it since to take into account additional developments in the case Introduction The ICO has finally imposed a fine (its second highest so far) on Marriott International Inc. (Marriott) of £18.4m for a data breach affecting Starwood Hotels and Resorts Worldwide Inc. Read more »

Client Alert: Experian comes out fighting against ICO Enforcement Notice

October 30, 2020

Introduction The UK Information Commission’s Office (ICO) has slapped Experian with an enforcement notice requiring the company to make major changes to how it processes personal data in its UK marketing services business. The two other largest credit reference agencies (CRAs) Equifax and TransUnion were also investigated at the same time in relation to their Read more »

Cordery Head to Head: Mary Shirley on the Need to Understand Culture in Compliance

October 23, 2020

In this edition of Cordery Head to Head @ Home Cordery’s Jonathan Armstrong talks to Mary Shirley. Mary is currently Head of Culture of Integrity and Compliance Education at Fresenius Medical Care. Mary joins us from Boston. Mary was born in New Zealand and has worked extensively in Asia and now in the US. They Read more »

Client Alert: Subject Access Requests under GDPR

October 22, 2020

Introduction We have written before about the issues with subject access requests (SARs) under GDPR. We are seeing a real rise in requests at the moment in part due to the current pandemic as employees in particular are making requests about the data that an employer or ex-employer might hold on them. There is a Read more »

Client Alert: Possible Limits on Subject Access Requests – UK Court Rulings: Lees v Lloyds & Sheriffdom of Glasgow and Strathkelvin

October 21, 2020

Introduction Data protection rules (including GDPR and the UK Data Protection Act 2018) allow for individuals to make so-called “Subject Access Requests” (SARs) where they can seek to obtain copies of the personal data held about them by organisations and certain other related information about how that data is stored and processed. Recent rulings by Read more »

Client Alert: ICO Fines BA £20 million for Data Breach

October 16, 2020

Introduction The ICO has finally imposed a fine (its highest so far) on British Airways (BA) of £20 million for a major data breach that affected 400,000 of its customers. This matter had been significantly delayed (as we wrote about here https://www.corderycompliance.com/is-ba-fine-in-departure-lounge/) and is a very significant climbdown from the original intention that the ICO Read more »

Client Alert: Belgian DPA Takes Action Over Leaver’s Email Account

October 16, 2020

Introduction The Belgian Data Protection Authority (DPA) recently fined a small unnamed Belgian medical business €15,000 for breaching GDPR for failing to deactivate their email messaging system for a former employee. This meant that customer personal data could be accessed for an extended period. This brief article highlights a number of important issues raised in Read more »

Client Alert: SFO secures convictions of two former Oil Executives

October 15, 2020

We first wrote this alert on 20 July and we have updated it to reflect the sentencing hearings. Introduction Two former Unaoil executives were convicted in London on 13 July 2020 of bribing an Iraqi government official to win lucrative oil contracts worth $800 million. Ziad Akle and Stephen Whiteley were found guilty of conspiring Read more »