• All
  • Data Science
  • News
  • Privacy
  • Research Highlights
  • Security

How stakeholder engagement makes our communication more effective Through our experience in multi-partner projects and international consortiums, we have come to the conclusion that while stakeholder engagement is critical to ensure that project progress is in line with stakeholders’ needs, it is also crucial for communicating...

Trilateral Research is working to raise awareness of privacy, including data protection requirements, among both recreational and commercial drone users with our work on the DroneRules.EU project. To take full advantage of the benefits of drone applications, while ensuring their responsible use, the DroneRules.EU project website...

Webscraping tools, sometimes referred to as ‘bots’, allow the extraction and collection of code and data from the web for later retrieval or analysis. Their uses range from law enforcement to journalism, to research and business, facilitating data and market analysis, visualisation, and even price...

Trilateral Research hopes to join other partners to write a proposal for the upcoming EU funded project to prevent and combat gender-based violence and violence against children. The deadline for submissions is 14 November 2017, and we would like to contribute with our experience and expertise...

There is a strong need for clear ethical guidelines and monitoring practices within European projects as we are moving towards a Responsible Research and Innovation (RRI) environment. We, at Trilateral, have in-depth understanding of RRI and research ethics and can help ensure ethical conduct within...

The virtual currency Bitcoin is among the most well-known applications of blockchain technology. A blockchain is a distributed ledger/database, grown and supported by decentralized network nodes. In Bitcoin, the blockchain is used to maintain a continuously growing list of records of transactions, called blocks, which...

More than 140 participants and high-level EU officials attended the SATORI project (of which Trilateral is deputy coordinator) final conference held in Brussels on 18-19 September 2017. The conference discussed current and future trends in ethics of R&I. The SATORI Final Conference Ethics Assessment of Research...

Last month, the Crisis team’s Su Anson and Maurice Said participated in the 7th Annual Conference of the Institute for Risk & Disaster Reduction (IRDR) at UCL, presenting information on two projects – ResiStand and PREP1. The conference took place on 21st June 2017 in London and...

The lack of a balanced and harmonised approach to ethical assessment of research and innovation (R&I) projects in many countries often leads to unwanted outcomes such as unethical research, poor quality of ethics reviews, and uncertainty for researchers, innovators and regulators. To overcome these bad...

The use of data analytics, machine learning and data visualisation for quality control and predictive maintenance within manufacturing settings is not an obvious space to consider research ethics. Nevertheless, such projects often use employees or members of the public to gather requirements, test systems and...

ENERGIC-OD develops a geospatial data brokering infrastructure throughout Europe. It achieves that through deployment of Virtual Hubs (VHs) – a set of technologies rendering diverse types of geospatial data accessible through a single and easy-to-use API (application programming interface). The purpose of the project is to...

With the close of the BYTE project on Social, legal and ethical issues related to big data practice, the BYTE team is transitioning to the BYTE big data community (BBDC). In partnership with CNR-IIA, Siemens, Insight Centre and UIBK (as well as other partners), TRI is launching...

This week, TRI’s Crisis Team sent out their second newsletter updating their contacts with information on: Our new project – IN-PREP Funding activities related to Migration and Global Security, and Security Events we have attended and upcoming events New publications authored by the Crisis Team ...

Here at Trilateral, we recognize the importance of effective dissemination and stakeholder engagement and deliver these services for the European Commission funded FORTRESS, INSPEC2T and ResiStand projects. In developing dissemination and communication strategies, we carefully design our objectives to ensure the maximum impact for our clients considering what they would like...

Whether you are an ethics committee member, policy maker interested in ethics and responsible research and innovation, a corporate social responsibility (CSR) manager, a research funder, a researcher, NGO, or journalist looking for information about ethics assessment of research and innovation (R&I), you can find...

European researchers have developed a platform to help health services allocate scarce medical resources in the event of a pandemic, a stadium crush or other event that strains the resources of hospitals. Health service stakeholders (ambulance personnel, hospitals and national agencies) can use the platform to...

The CLARITY project is now nearing its halfway point and we wanted to share with you some of our work in 2016 and what is upcoming in the next year. Our work in 2017 will feature: A Catalogue of open eGoverment applications across Europe The CLARITY marketplace for open eGoverment...

The European Union Agency for Network and Information Security (ENISA) recently published their official guidance on Securing Smart Hospitals and Securing Smart Airports; these are available to the public and free to download from the ENISA website. Both reports were produced by Trilateral Research’s Consultancy team,...

The SATORI project has issued its December 2016 newsletter (compiled by Trilateral Research Ltd; Trilateral leads the policy developments work package of SATORI and is deputy co-ordinator of the project) featuring policy developments in the ethics of research and innovation at the EU and national level! The...

  Trilateral’s Anna Donovan recently presented findings from the TRACE Project on the role of technology in human trafficking at the 2016/2017 webinar series titled, “New Technologies, innovation, Entrepreneurship Tackling Human Trafficking.” The webinar series is jointly hosted by the Babson College Initiative on Human Trafficking and Modern Slavery and...

As 2016 comes to a close, we’d like to invite you to join us for a look back over what we’ve been up to this year, and what is coming up in 2017. Cutting edge Technology team An exciting development for Trilateral this year has been the...

By David Barnard-Wills, 12 December 2016 The DEVELOP project is building an adaptive learning environment that supports people in medium and large companies to explore and plan learning opportunities and careers, drawing upon multiple forms of assessment, including social capital analysis. As a partner in the DEVELOP consortium...

By David Barnard-Wills, 30 November 2016 Trilateral is pleased to announce a new publication by Senior Research Analyst Dr David Barnard-Wills. The article, “The technology foresight activities of European Union data protection authorities” has been published online first in the peer-reviewed journal Technological Forecasting & Social Change....

Outsourced DPO

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Serve as your DPO

Company name and contact details transmitted to the ICO Company name and contact details available to:
  • Management
  • Employees
  • Data subjects
Article reference: 37

Contact point for data subjects

  • Contact data accessible on the websites and privacy notices
  • Function as the main public contact point (email & post)
  • Guide your organisation on the possible sources of data access requests.
Article reference: 38(4)

Contact point for Data Protection Authorities
(e.g. ICO)

Liaise with the ICO in case of issues with data subjects and data breaches.
Article reference: 39(1)(d), 39(1)(e), 36

Ad hoc advice on difficult data protection issues

Written opinions on data protection queries, with an analysis of relevant issues or other relevant legislative elements
Article reference: 39(1)(a)

Regular newsletter to inform and advise on relevant developments and possible challenges in data protection

Newsletter containing the latest regulatory news and compliance guidance, and news concerning conferences and training opportunities
Monthly
Article reference: 39(1)(a)

Annual gap analysis

Audit and gap analysis to map new activities and data-processing practices
Virtual
Article reference: 39(1)(b)

Status discussion (via phone/skype) and report

Discussion and report
Every 6 months
Article reference: 39(1)(b)

Review of the privacy notices

Review of the privacy notices to ensure accuracy and advice on how to improve
Article reference: 39(1)(b)

Provide advice to the client organisation on how to carry on data protection impact assessments (DPIA) and to monitor their performance

We provide advice on:
  • Whether to carry out a DPIA
  • The best methodology to follow
  • Whether to carry out the DPIA in-house or to outsource it depending on the complexity
  • What safeguards (including technical and organisational measures) to apply to mitigate any risks to the rights and interests of the data subjects
  • Whether the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR
Article reference: 39(1)(c)

Oversee the establishment and maintenance of the Record of Processing Activities

  • Contact point for the designated employee
  • Guidance on the Record, including provision of check-lists, best practices, and methodological advice
Article reference: 39

Provide guidance on data breach handling and reporting

  • Contact point for the responsible person
  • Contact point for the ICO
  • Advice on best practices for handling data breaches, including notification requirements, reporting and identification of measures to limit damage
Article reference: 33(3)(b)

Monitor the data-protection-training activities and advise on their necessity

  • Inclusion of a chapter on training in the status reports
  • Provision of news and updates on relevant conferences and training courses (newsletter)
  • Provision of training materials, where appropriate
Article reference: 39(1)(b)

Email and telephone assistance

-
Article reference: -

Bespoke notifications to management on critical legislative, judicial, or policy developments that may impact your business

Email notification with explanation of the development and a preliminary overview of the impact on the organisation
Article reference: 39(1)(a)

Training seminar on the developments of data protection law and policy

-
Article reference: -

Review of the consistency of the internal documents concerning data processing practices

Cross-check of the consistency of the internal documents
Article reference: 39(1)(b)

Weekend and holidays data breach guidance

Data breach guidance during the weekends and holidays
Article reference: -

DPO Assist

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Ad hoc advice on difficult data protection issues

Written opinions on data protection queries, with an analysis of relevant issues or other relevant legislative elements
Article reference: 39(1)(a)

Regular newsletter to inform and advise on relevant developments and possible challenges in data protection

Newsletter containing the latest regulatory news and compliance guidance, and news concerning conferences and training opportunities.
Monthly
Article reference: 39(1)(a)

Annual gap analysis

Audit and gap analysis to map new activities and data-processing practices
Virtual
Article reference: 39(1)(b)

Status discussion (via phone/skype) and report

Discussion and report
Annually
Article reference: 39(1)(b)

Review of the privacy notices

Review of the privacy notices to ensure accuracy and advice on how to improve.
Article reference: 39(1)(b)

Provide advice to the client organisation on how to carry on data protection impact assessments (DPIA) and to monitor their performance

We provide advice on:
  • Whether to carry out a DPIA
  • The best methodology to follow
  • Whether to carry out the DPIA in-house or to outsource it depending on the complexity
  • What safeguards (including technical and organisational measures) to apply to mitigate any risks to the rights and interests of the data subjects
  • Whether the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR
Article reference: 39(1)(c)

Provide guidance on data breach handling and reporting

  • Contact point for the responsible person
  • Advice on best practices for handling data breaches, including notification requirements, reporting and identification of measures to limit damage
Article reference: 33(3)(b)

Monitor the data-protection-training activities and advise on their necessity

  • Inclusion of a chapter on training in the status reports
  • Provision of news and updates on relevant conferences and training courses (newsletter)
  • Provision of training materials, where appropriate
Article reference: 39(1)(b)

Email abd telephone assistance

-
Article reference: -

Bespoke notifications to the top management on critical legislative, judicial, or policy developments that may impact your business

Email notification with explanation of the development and a preliminary overview of the impact on the organisation
Article reference: 39(1)(a)

Compliance Support

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Data Mapping

Map the data flows within your organisation to better understand how personal information flows between departments

Data Protection Impact Assessments

Where required by the GDPR or national law, conduct or review DPIAs using our library of good practices
Article reference: 35

Consent and Privacy Notice Requirements

Revise and improve consent and privacy notices to meet transparency and accoutnability requirements

Gap Analysis

Identify gaps in your organisation's compliance with the GDPR, national data protection legislation or sectoral legislation

Data Protection Audit

Audit your organisation's activities to assess your compliance with applicable data protection law

Data Protection-by-design and -default

Work with your technical and admin teams to operationalise Data Protection-by-design and -default, using established good practice
Article reference: 25

Training

We offer general, role-based (e.g., HR) and activity based (e.g., DPIA) training. All our training materials are designed to be accessible to non-experts and easy to use

General compliance support

Support for creating required documentation, including, but not limited to Records of Processing activities, Data retention (and deletion) schedules, Personal Data Breach procedures, Subject Access Request procedures, Training materials, Legitimate Interest Assessments, etc.)