changing how people think about information

GDPR: Our most requested slide

We've updated our most requested slide of 2014-2015 in celebration of Data Privacy Day 2016.Our slide summarises the high level themes of the GDPR, and illustrates how a strategic approach to Information Governance will support compliance.Click here to read our short summary of the slide!

+ Read more

Data Protection: Get the Basics

Organisations have a responsibility to ensure that management and staff get appropriate Data Protection training.Join us in December for an intensive education in the fundamentals of Data Protection Compliance. Date TBC

+ Read more

Peter Drucker: Knowledge has to be improved, challenged, and increased constantly or it vanishes

Introduction to Information Governance

Information & Data Governance is increasingly important in organisations of all size, but has only been recognised as a distinct discipline in recent years.Join us on the 30th March for an indepth 1-day introduction to this increasingly important skill set.

+ Read more

Upcoming Events

Check out the courses and events our team are delivering or presenting at in Ireland and internationally!Training, conferences, CPD sessions, and MORE!

+ Read more

A picture of a calendar

CMG Data Protection Conference

Daragh O Brien and Katherine O'Keefe are presenting and teaching a master class tutorial at this conference in Dublin on the 24th February. 

+ Read more

EU Data Protection Conference

Introduction to Information Quality

Poor quality information costs organisations between 10% and 35% of Turnover.This course will provide learners with a detailed insight into the principles and practices of this critical management discipline.Our IQ-101 Training course provides valuable insights into how to address this strategic business issue.

+ Read more

quality is never an accident. it is always the result of high intention and sincere effort

DP through Info Governance & Quality lens

Go Beyond Basics! Join us on 25th & 26th of November to learn how Data Protection principles are delivered through proven practices from a range of Data Management disciplines.

+ Read more

drucker: the most efficient way to produce anything is to bring together under one management

Free Whitepaper: Subject Access Requests

Get our latest whitepaper on Subject Access Requests.How well does your organisation stack up?How can Information Governance practices help?

+ Read more

Research Report: Health Identifiers

Castlebridge Associates has recently published a research report on the practical Information Governance and Data Protection issues associated with the introduction of Health Identifiers in the Health Identifiers Act 2014.Purchase here for €70 (ex VAT).

+ Read more

Person hidden by data (ones and zeros)

MDMDG 2016 - London

Join us at one of Europe's longest running and most influential Data Governance Conferences!Daragh O Brien and Katherine O'Keefe are both presenting on key topics!

+ Read more

logo for mdmdg conference

Data Protection, Information Governance, Information Quality

What We Do

We provide a range of pragmatic and practical consulting services to clients to support strategic planning and execution in the areas of

  • Information & Data Governance
  • Informtion Strategy
  • Information Quality Improvement
  • Data Protection Compliance

We apply our in-house structured methodologies to help clients deliver tangible results quickly and effectively

We provide a range of education, training, and coaching services to clients.

  • 1-to-1 "Bootcamp" instruction
  • Online instructor lead instruction
  • On-site training
  • Coaching
  • Training Needs Analysis
  • Bespoke/Tailored education

Our training materials are aligned with leading certification syllabus requirements. All trainers are experienced practitioners.

Our current Public Training Catalogue can be found HERE

We promote awareness of information management issues & opportunities through:

  • Research studies, Whitepapers, & Publications
  • Media comment / debate
  • Support for Civic Society organisations
  • Presentations at Conferences

Our team are all internationally rated conference speakers and tutors.

Who We Are

Castlebridge Associates is a specialist firm providing insight, advice, and education for organisations looking to improve their approach to managing and benefiting from information.

Drawing on almost two decades of experience and leadership at the interface of Business and Technology, we apply proven methods and pragmatic approaches to help organisations of all sizes unlock the value in their information with a holistic perspective that makes strategic connections between Information Governance, Data Privacy, and Information Quality. 

Our Clients

If your organisation is using information, you are a potential client of Castlebridge Associates.

We work with a wide range of clients from start-ups to Public Service bodies, from Financial Services to Non-Profits.

In addition to our services to businesses, we also support individuals who avail of our training and coaching services to help develop their professional skills in Information Management disciplines.

To find out more about the types of engagement we undertake, take a look at our Case Studies, which are updated regularly.

Our Vision

Our simple aim is to change how people in organisations think about information so that they can better:

  • Value it
  • Trust it
  • Nurture it
  • Enjoy it

In doing so, we will contribute to a better society supported by trusted and trustworthy information.

Our Mission

Our mission is to change how people in organisations think about information so they can add value, deliver benefits, and avoid risk.

We achieve this through a pragmatic evidence-based focus on human factors in the management of Information that affect how people in organisations understand and deliver on the Information and Process outcomes their customers want, as well as a practical perspective on the role of technology in Information Management.

We apply recognised reference standards and frameworks to client challenges, applying fundamental principles in innovative ways to address newly emerging needs and opportunities. 

Recent Blog Posts

Safe Harbo(u)r - What can organisations do now?

Broken Bridge

So, Safe Harbo(ur), much like the Norweigan Blue Parrot, has joined the choir eternal. The Article 29 Working Party are clear - it is no longer a lawful basis under which data can be transferred to the United States.

While we await confirmation of the adequacy of the Privacy Shield (see here and here for our thoughts on that), organisations are faced with either getting their US-based suppliers to adopt Model Contract Clauses (which may not be a long term solution), or finding EU hosted services to replace the functionality of these services.

Unfortunately there is an imbalance of power for many organisations when dealing with US-based service providers and many of our clients have found themselves relying on organisations that STILL rely on Safe Harbo(u)r to validate data transfers to the United States. These include a number of very large and market-dominant companies for cloud-based CRM (Salesforce.com - I'm looking at you).

screen shot of SalesForce.com Priviacy STatement as of 2016/02/08

What can organisations do if they are uncertain about the risk of data transfer to the United States? One option is to seek out EU-based alternatives. We have had to do this ourselves for a number of our back-office functions. It was a little frustrating, but we managed to find a number of comparable services and then kicked the tyres on them to find ones we could work with. Note that any reference to a product here is not an endorsement and all links are provided for information purposes only. Also - when conducting due diligence on providers it is important to 'trust but verify' and check where their data is actually hosted. Services that are ostensibly EU-based may be relying on Model Clauses or similar in the background for their hosting... often this is not transparent.

Latest News

Privacy Shield or Fig Leaf?

logo for privacy shield scheme

A deal has now been done on Safe Harbo(u)r - EU/US Privacy Shield.

Below we summarise some of the key points from the press conference and give some initial analysis. Note that there is no agreed text of the agreement available, and no detail on any enabling instruments. In many respects this should be seen as a holding position pending the final final actual agreement.

On the question of Mass Surveillance

  • US has provided letters from the Office of Director of National Intelligence confirming they do not conduct indiscriminate mass surveillance.
  • US Government has conducted reform of mass surveillance practices and legislation.
  • Under the new arrangement a Special Ombudsperson will be created in State Dept to follow up on queries from EU Data Protection Authorities regarding surveillance activities.
  • There will be Redress mechanisms for EU citizens (we assume via the Judicial Redress Act in the US - but that has had amendemnts added that may weaken its effectiveness in this context).
  • The operation of this governance structure and the enforceability of the letters are a precondition of the adequacy agreeement.

This appears to introduce potentially significant increase in transparency and safe guards for EU citizens. The EU Commission makes it a precondition of the adequacy agreement that the undertakings given in this context are upheld. However, it remains to be seen how independent or effective this ombudsman will be and what "teeth" they will have.

However, the hesitancy of the EU Commission to pull the plug on the old Safe Harbo(u)r itself until the CJEU did it for them raises a question of how effective or dissuasive that precondition would be in practice - would the Commission ever pull the plug on Privacy Shield if it was not getting answers, and what legal weight should be attached to "letters of comfort" ? The European Parliament was unimpressed and many remain unconvinced.

Recent Tweets

Legal

Castlebridge Associates is a trading name of Bridgecastle Information Management Ltd.

  • CRO: 473477 | VAT reg: IE09747978W
  • Directors: Daragh O Brien (Managing Director) | Colin Boylan
  • Reg'd office: 13 The Cloisters, Castlebridge, Wexford

 

Copyright 2009-2015 Castlebridge Associates | Stock images sourced from iStockphoto.net or Pixabay.com or from our own image libraries | Content contributed by 3rd parties used with permission