Blog · PURPOSE AND MEANS

Blog

Latest insights on data protection, AI governance, and GRC leadership.

14 Jan 2025 · 4 min read

Horizon scanning for data protection: are you future-proofing or just firefighting?

Move beyond reactive data protection. Learn why horizon scanning is essential for future-proofing your organisation against emerging risks and regulations.

13 Jan 2025 · 4 min read

Dark data is wasting resources and your ESG score isn’t looking good either

Dark data drains resources and harms your ESG score. Discover how data protection and environmental sustainability are deeply connected.

12 Jan 2025 · 4 min read

AI Governance needs to be living and breathing, not a dead duck

Static AI policies fail silently. Discover why living, breathing governance frameworks actually guide ethical AI decisions and protect your business.

9 Jan 2025 · 4 min read

Over-reliance: when tools stop helping and self-doubt creeps in

Balancing AI progress with accountability, this post explores the risks of over-reliance and the need for strong governance to maintain control

8 Aug 2024 · 5 min read

Leadership Explainer: k-Anonymity, l-Diversity and t-Closeness

Understand k-anonymity, l-diversity and t-closeness: three key anonymisation techniques explained simply for senior stakeholders and boards.

31 Jul 2024 · 5 min read

History and Origins of Tracking Consumers and Cookies

Explore the history and origins of tracking consumers online and the evolution of cookie technology.

31 Jul 2024 · 3 min read

Understanding Governance versus Management of Technology

Lots of talk about ‘governance’ these days in various technology contexts, especially around AI. Lots of misunderstandings too.

9 Feb 2024 · 1 min read

If you're striving for excellence in your data protection work then don't accept mediocrity.

Elevate your data protection employee engagement beyond box-ticking. Learn how to build genuine passion and practical knowledge among your team.

28 Jan 2024 · 1 min read

Happy Data Protection Day!

Last-minute Data Protection Day ideas? Get a free plan B event kit with printable artifacts to celebrate data protection in your office.

5 Jan 2024 · 1 min read

Data protection day/week/month 2024.

Purpose and Means is here to help and make you and your data protection team shine. We have tons of content and shed loads of ideas.

15 Mar 2017 · 5 min read

GDPR data flow mapping - an approach

A pragmatic, visual approach to mapping personal data flows for GDPR compliance — covering collection, storage, use, transfer and disposal across legal entities.

8 Mar 2016 · 3 min read

GDPR: which tool to use for mapping data flows

Written in March 2016, this article asks which tools organisations should use to map personal data flows for GDPR — from Visio and Excel to Microsoft's free Threat Modelling Tool.

Browse by Topic

accountability accountability frameworks ai act ai ethics ai governance ai infrastructure sovereignty ai literacy ai regulation article 12 article 13 article 22 article 25 article 28 article 30 article 32 article 35 article 46 article 5 article 6 article 7 audit and assessment automated decision-making awareness campaigns behaviour change beyond legal board reporting case law cloud infrastructure compliance monitoring consent cookie compliance cross-border transfers dark patterns data breach notification data flows data mapping data minimisation data processing agreements data protection data protection by design data protection day data protection leader data quality data residency data retention data science data sovereignty datatilsynet deceptive design direct marketing dora dpia education employee data employee engagement eprivacy esg executive communication external legal counsel finance and banking gdpr gdpr at 10 generative ai governance grc healthcare horizon scanning hr and data protection hr and employment incident response information security intellectual property internal communications international transfers lawful basis leadership lego serious play machine learning marketing nis2 privacy by design privacy culture product management profiling public sector quantum computing records of processing regulatory guidance risk management risk reduction ropa software development special category data standard contractual clauses strategic planning sub-processors sustainability third-party risk training design transparency trend radar ux design vendor management visual communication weak signals workshop facilitation