A survey conducted in April and May 2023 revealed that around ** percent of the companies that do business in the European Union (EU) and the United Kingdom (UK) found it challenging to adapt to new or changing requirements of the General Data Protection Regulation (GDPR) or Data Protection Act 2018 (DPA). A further ** percent of the survey respondents said it was challenging to increase the budget because of the changes in the data privacy laws.

A survey conducted in April and May 2023 revealed that around 35 percent of organizations in the United States and 40 percent of organizations in the United Kingdom pay higher costs for international data transfers due to data privacy regulations, but they also find it manageable. Furthermore, approximately 35 percent of respondents from both countries think the regulations encourage businesses by guaranteeing that the data will be safeguarded in other countries.

This dataset is about books. It has 4 rows and is filtered where the book is Data protection : a practical guide to UK and EU law. It features 7 columns including author, publication date, language, and book publisher.

As of February 2025, the largest fine issued for violation of the General Data Protection Regulation (GDPR) in the United Kingdom (UK) was more than 22 million euros, received by British Airways in October 2020. Another fine received by Marriott International Inc. in the same month was the second-highest in the UK and amounted to over 20 million euros.

This is because it would breach the first data protection principle as: a) it is not fair to disclose claimant personal details to the world and is likely to cause damage or distress. b) these details are not of sufficient interest to the public to warrant an intrusion into the privacy of the claimant. Please click the below web link to see the exemption in full. https://www.legislation.gov.uk/ukpga/2000/36/section/40 Breach of Patient confidentiality Please note that the identification of claimants is also a breach of the common law duty of confidence. A claimant who has been identified could make a claim against the NHSBSA or yourself for the disclosure of the confidential information. The information requested is therefore being withheld as it falls under the exemption in section 41(1) ‘Information provided in confidence’ of the Freedom of Information Act. Please click the below web link to see the exemption in full. https://www.legislation.gov.uk/ukpga/2000/36/section/41

This report is one outcome of a study into privacy and human genetics initiated by John Gillott and staff and trustees of the Genetic Interest Group. \ud \ud The initial focus was on genetics and human rights, with an emphasis on legal aspects and policy decisions informed by law and rights ideology. Article 8 of the Human Rights Act 1998, the right to respect for private and family life,1 is of most relevance to this study, though other Articles are considered.\ud \ud The study as a whole comprises two broad strands of inquiry, reflecting those areas in which privacy rights are most relevant and have had the greatest impact: the effect of law and ideology on research and clinical practice, with a focus on genetics; and human reproduction, again with a particular focus on genetic aspects. These two areas present contrasting analytical challenges. While there is recent law indirectly or directly relevant to research and clinical practice (notably the Human Tissue Act 2004), there is little or no case law on the subject. In contrast, as regards reproduction and genetics, there have, over the past five years or so, been a number of court decisions, at all levels up to the House of Lords and the European Court of Human Rights. We therefore decided to publish the results of our study into the two areas separately, the better to highlight the key issues in each subject area. This report is on the first strand: the right to privacy in the context of medical research using tissue and data.

A survey conducted in April and May 2023 revealed that around a quarter of United States and United Kingdom organizations were highly concerned about data privacy law enforcement involving their company. A further 35 percent were worried about data breaches and other cybersecurity incidents. Dealing with high costs of privacy law compliance was a concern for approximately 20 percent of the respondents.

a - it is not fair to disclose individual’s personal details to the world and is likely to cause damage or distress. b - these details are not of sufficient interest to the public to warrant an intrusion into the privacy of the individual. Please click the below web link to see the exemption in full. www.legislation.gov.uk/ukpga/2000/36/section/40 Breach of confidentiality Please note that the identification of individuals is also a breach of the common law duty of confidence. An individual who has been identified could make a claim against the NHSBSA for the disclosure of the confidential information. The information requested is therefore being withheld as it falls under the exemption in section 41(1) ‘Information provided in confidence’ of the Freedom of Information Act. Please click the below web link to see the exemption in full.

A survey of UK young adults between 18 and 34 years in October 2023 found that ethnic minorities tend to exercise their data protection rights. Around 33 percent of respondents representing ethnic minorities said they had refused to provide their biometric data, compared to 22 percent of white respondents. Similarly, young people of color were more likely to ask an organization to stop using their personal information.

BackgroundThe COVID-19 pandemic brought global disruption to health, society and economy, including to the conduct of clinical research. In the European Union (EU), the legal and ethical framework for research is complex and divergent. Many challenges exist in relation to the interplay of the various applicable rules, particularly with respect to compliance with the General Data Protection Regulation (GDPR). This study aimed to gain insights into the experience of key clinical research stakeholders [investigators, ethics committees (ECs), and data protection officers (DPOs)/legal experts working with clinical research sponsors] across the EU and the UK on the main challenges related to data protection in clinical research before and during the pandemic.Materials and methodsThe study consisted of an online survey and follow-up semi-structured interviews. Data collection occurred between April and December 2021. Survey data was analyzed descriptively, and the interviews underwent a framework analysis.Results and conclusionIn total, 191 respondents filled in the survey, of whom fourteen participated in the follow-up interviews. Out of the targeted 28 countries (EU and UK), 25 were represented in the survey. The majority of stakeholders were based in Western Europe. This study empirically elucidated numerous key legal and ethical issues related to GDPR compliance in the context of (cross-border) clinical research. It showed that the lack of legal harmonization remains the biggest challenge in the field, and that it is present not only at the level of the interplay of key EU legislative acts and national implementation of the GDPR, but also when it comes to interpretation at local, regional and institutional levels. Moreover, the role of ECs in data protection was further explored and possible ways forward for its normative delineation were discussed. According to the participants, the pandemic did not bring additional legal challenges. Although practical challenges (for instance, mainly related to the provision of information to patients) were high due to the globally enacted crisis measures, the key problematic issues on (cross-border) health research, interpretations of the legal texts and compliance strategies remained largely the same.

Whilst this some of the requested information is held by the NHSBSA, we have exempted some of the figures under section 40(2) subsections 2 and 3(a) of the FOIA because it is personal data of applicants to the VDPS. This is because it would breach the first data protection principle as: a - it is not fair to disclose individual’s personal details to the world and is likely to cause damage or distress. b - these details are not of sufficient interest to the public to warrant an intrusion into the privacy of the individual. https://www.legislation.gov.uk/ukpga/2000/36/section/40 Information Commissioner Office (ICO) Guidance is that information is personal data if it ‘relates to’ an ‘identifiable individual’ regulated by the UK General Data Protection Regulation (UK GDPR) or the Data Protection Act 2018. The information relates to personal data of the VDPS claimants and is special category data in the form of health information. As a result, the claimants could be identified, when combined with other information that may be in the public domain or reasonably available. Online communities exist for those adversely affected by vaccines they have received. This further increases the likelihood that those may be identified by disclosure of this information. Section 40(2) is an absolute, prejudice-based exemption and therefore is exempt if disclosure would contravene any of the data protection principles. To comply with the lawfulness, fairness, and transparency data protection principle, we either need the consent of the data subject(s) or there must be a legitimate interest in disclosure. In addition, the disclosure must be necessary to meet the legitimate interest and finally, the disclosure must not cause unwarranted harm. The NHSBSA has considered this and does not have the consent of the data subjects to release this information and believes that it would not be possible to obtain consent that meets the threshold in Article 7 of the UK GDPR. The NHSBSA acknowledges that you have a legitimate interest in disclosure of the information to provide the full picture of data held by the NHSBSA; however, we have concluded that disclosure of the requested information would cause unwarranted harm and therefore, section 40(2) is engaged. This is because there is a reasonable expectation that patient data processed by the NHSBSA remains confidential, especially special category data. There are no reasonable alternative measures that could meet the legitimate aim. As the information is highly confidential and sensitive, it outweighs the legitimate interest in the information. Section 41 FOIA This information is also exempt under section 41 of the FOIA (information provided in confidence). This is because the requested information was provided to the NHSBSA in confidence by a third party - another individual, company, public authority or any other type of legal entity. In this instance, details have been provided by the claimants. For Section 41 to be engaged, the following criteria must be fulfilled:

Dataset on commits (and repositories) on GitHub making reference to data privacy legislation (covering laws: GDPR, CCPA, CPRA, UK DPA).

The dataset contains:
+ all_commits_info_merged-v2-SHA.csv : commits information as collected from various GitHub REST API calls (all data merged together).
+ repos_info_merged_USED-v2_with_loc.csv: repository information with some calculated data.
+ top-70-repos-commits-for-manual-check_commits-2coders.xlsx: results of the manual coding of the commits of the 70 most popular repositories in dataset.
+ user-rights-ω3.csv: different terms for user rights teriminology in legislation.
+ github_commits_analysis_replication.r: main analysis pipeline covering all RQs in the R programming language.

In order to perform also the initial data collection, the GitHub REST API can be used, collecting data using time intervals, for instance:
https://api.github.com/search/commits?q=%22GDPR%22+committer-date:2018-05-25..2018-05-30&sort=committer-date&order=asc&per_page=100&page=1

This dataset accompanies the following publication, so please cite it accordingly:

Georgia M. Kapitsaki, Maria Papoutsoglou, Evolution of repositories and privacy laws: commit activities in the GDPR and CCPA era, accepted for publication at Elsevier Journal of Systems & Software, 2025.

BackgroundThe COVID-19 pandemic brought global disruption to health, society and economy, including to the conduct of clinical research. In the European Union (EU), the legal and ethical framework for research is complex and divergent. Many challenges exist in relation to the interplay of the various applicable rules, particularly with respect to compliance with the General Data Protection Regulation (GDPR). This study aimed to gain insights into the experience of key clinical research stakeholders [investigators, ethics committees (ECs), and data protection officers (DPOs)/legal experts working with clinical research sponsors] across the EU and the UK on the main challenges related to data protection in clinical research before and during the pandemic.Materials and methodsThe study consisted of an online survey and follow-up semi-structured interviews. Data collection occurred between April and December 2021. Survey data was analyzed descriptively, and the interviews underwent a framework analysis.Results and conclusionIn total, 191 respondents filled in the survey, of whom fourteen participated in the follow-up interviews. Out of the targeted 28 countries (EU and UK), 25 were represented in the survey. The majority of stakeholders were based in Western Europe. This study empirically elucidated numerous key legal and ethical issues related to GDPR compliance in the context of (cross-border) clinical research. It showed that the lack of legal harmonization remains the biggest challenge in the field, and that it is present not only at the level of the interplay of key EU legislative acts and national implementation of the GDPR, but also when it comes to interpretation at local, regional and institutional levels. Moreover, the role of ECs in data protection was further explored and possible ways forward for its normative delineation were discussed. According to the participants, the pandemic did not bring additional legal challenges. Although practical challenges (for instance, mainly related to the provision of information to patients) were high due to the globally enacted crisis measures, the key problematic issues on (cross-border) health research, interpretations of the legal texts and compliance strategies remained largely the same.

Under the Freedom of Information Act 2000, I request the following information: The number of individuals of all ages who were prescribed contraceptives in the financial years 2019-2020, 2021-2020, 2020-2021, 2021-2022 and 2022-2023 in community settings (GP surgeries and pharmacies) broken down by contraceptive method. I would also like the proportion these represent of contraception users. For example, X proportion of those on contraception are using the Mirena coil. If possible, I would also appreciate if this were broken down by age of those prescriptions too. To clarify, I mean patients. I also mean both contraceptive drugs and appliances/devices Response A copy of the information is attached. Please read the following information to ensure correct understanding of the data. Fewer than five Please be aware that I have decided not to release the full details where the total number of individuals falls below five. This is because the individuals could be identified, when combined with other information that may be in the public domain or reasonably available. This information falls under the exemption in section 40 subsections 2 and 3 (a) of the Freedom of Information Act (FOIA). This is because it would breach the first data protection principle as: a - It is not fair to disclose individual’s personal details to the world and is likely to cause damage or distress. b - These details are not of sufficient interest to the public to warrant an intrusion into the privacy of the individual. Please click the weblink to see the exemption in full: www.legislation.gov.uk/ukpga/2000/36/section/40 NHS Business Services Authority (NHSBSA) - NHS Prescription Services process prescriptions for Pharmacy Contractors, Appliance Contractors, Dispensing Doctors, and Personal Administration with information then used to make payments to pharmacists and appliance contractors in England for prescriptions dispensed in primary care settings (other arrangements are in place for making payments to Dispensing Doctors and Personal Administration). This involves processing over one billion prescription items and payments totalling over £9 billion each year. The information gathered from this process is then used to provide information on costs and trends in prescribing in England and Wales to over 25,000 registered NHS and Department of Health and Social Care (DHSC) users. Data Source: ePACT2 - Data in ePACT2 is sourced from the NHSBSA Data Warehouse and is derived from products prescribed on prescriptions and dispensed in the Community. The data captured from prescription processing is used to calculate reimbursement and remuneration. It includes items prescribed in England, Wales, Scotland, Northern Ireland, Guernsey/Alderney, Jersey, and Isle of Man which have been dispensed in the community in England. English prescribing that has been dispensed in Wales, Scotland, Guernsey/Alderney, Jersey, and Isle of Man is also included. The data excludes: • Items not dispensed, disallowed and those returned to the contractor for further clarification. • Prescriptions prescribed and dispensed in prisons, hospitals, and private prescriptions. • Items prescribed but not presented for dispensing or not submitted to NHS Prescription Services by the dispenser. Dataset - The data is limited to presentations prescribed in BNF sections 0703 Contraceptives and BNF section 2104 Contraceptive Devices. Data is presented at BNF Sub Paragraph and BNF Presentation level. Time Period - Financial years 2019/20, 2020/21, 2021/22, 2022/23 and 2023/24 (April 2023 - January 2024). Data is currently available up to and including January 2024. Organisation Data - The data is for prescribing in England regardless of where dispensed in the community. British National Formulary (BNF) Sub Paragraph and Presentation Code – The BNF Code is a 15-digit code in which the first seven digits are allocated according to the categories in the BNF, and the last eight digits represent the medicinal product, form, strength and the link to the generic equivalent product. NHS Prescription Services has created pseudo BNF chapters, which are not published, for items not included in BNF chapters 1 to 15. Most of such items are dressings and appliances which NHS Prescription Services has classified into four pseudo BNF chapters (20 to 23). Patient Identification - Where patient identifiable figures have been reported they are based on the information captured during the prescription processing activities. Please note, patient details cannot be captured from every prescription form and based on the criteria used for this analysis, patient information (NHS number) was only available for 98.28% of prescription items. The unique patient count figures are based on a distinct count of NHS number as captured from the prescription image. Patient ages are based on the age as captured from the prescription image and relates to the patient's age at the time of prescribing/dispensing. Please note it is possible that a single patient may be included in the results for more than one age band where a patient has received prescribing at different ages during a financial year. The figures for the number of identifiable patients should not be combined and reported at any other level than provided as this may result in the double counting of patients. For example, a single patient could appear in the results for multiple presentations or both financial years. Patient Age - Shows the age of the patient, if recorded. Data Quality for patient age - NHSBSA stores information on the age of the recipient of each prescription as it was read by computer from images of paper prescriptions or as attached to messages sent through the electronic prescription system. The NHSBSA does not validate, verify or manually check the resulting information as part of the routine prescription processing. There are some data quality issues with the ages of patients prescribed the products. The NHSBSA holds prescription images for 18 months. A sample of the data was compared to the images of the paper prescription forms from which the data was generated where these images are still available. These checks revealed issues in the reliability of age data, in particular the quality of the stored age data was poor for patients recorded as aged two years and under. When considering the accuracy of age data, it is expected that a small number of prescriptions may be allocated against any given patient age incorrectly. Application of Disclosure Control to information services (prescriptions) products- ePACT 2 data is not published statistics - it is available to authorised NHS users who are subject to Caldicott Guardian approval. We have no plans to apply disclosure control to data released to ePACT 2 users. These users are under an obligation to protect the anonymity of any patients when reusing this data or releasing derived information publicly. All requests that fall under the FOI process are subject to the NHSBSA Anonymisation and Pseudonymisation Standard. The application of the techniques described in the standard is judged on a case-by-case basis (by NHSBSA Information Governance) in respect of what techniques should be applied. The ICO typically rules on a case-by-case basis too so each case or challenge or appeal is judged on its own merits. FOI rules apply to data that we hold as part of our normal course of business.

A study, conducted in April 2024 among digital services companies in the United Kingdom (UK) showed that 63 percent of them had age assurance methods in place. Furthermore, 26 percent said they had none, and 11 percent were not aware of such measures.

Snapshot img

Customer Data Platform Market Size 2024-2028

The customer data platform market size is forecast to increase by USD 19.02 billion at a CAGR of 32.12% between 2023 and 2028.

The customer data platform (CDP) market is experiencing significant growth due to several key trends. The increasing demand for personalized customer services in various industries, particularly e-commerce retail, is driving market growth. This trend is being fueled by the rising preference for omnichannel platforms that enable seamless customer interactions across multiple touchpoints. Additionally, the need to address customer data privacy concerns is another major factor contributing to the market's growth.
As businesses strive to provide more personalized experiences to their customers while ensuring data security, CDPs and workforce analytics are becoming an essential tool for managing and activating customer data in real time. This CDP market analysis report provides a comprehensive examination of these trends and other growth factors, offering valuable insights for businesses looking to leverage CDPs to enhance their customer engagement strategies.

What will be the Size of the Customer Data Platform Market During the Forecast Period?

Request Free Sample

The customer data platform (CDP) market is experiencing significant growth due to the increasing importance of customer intelligence for delivering omnichannel experiences. Businesses seek to understand their customers across multiple channels and touchpoints, requiring the ability to handle large volumes of complex data. CDP solutions enable data unification and identity resolution, ensuring accurate and consistent customer profiles. Data governance and privacy laws are driving the need for robust data protection and security measures, including data breach prevention and compliance with regulations such as GDPR and CCPA.
Additionally, AI and machine learning are being integrated into CDPs to enhance data analytics capabilities, providing valuable insights for industries like healthcare, telecom, travel and hospitality, and advertising.
The customer data platform market is evolving with AI-powered CDP solutions enhancing real-time data processing, customer data integration, and omnichannel marketing. Businesses focus on data privacy compliance and first-party data management to drive predictive analytics, customer segmentation, and personalized marketing. Cloud-based CDP adoption supports customer journey analytics, CDP for e-commerce, and cross-channel data activation. Data monetization strategies, identity resolution, and enterprise CDP solutions fuel CDP market growth, enabling data-driven customer insights and customer retention strategies.
Big data and real-time data processing are essential features, enabling businesses to make informed decisions and respond quickly to customer needs.

How is this Customer Data Platform Industry segmented and which is the largest segment?

The customer data platform industry research report provides comprehensive data (region-wise segment analysis), with forecasts and estimates in 'USD billion' for the period 2024-2028, as well as historical data from 2018-2022 for the following segments.

Deployment

  On-premises
  Cloud based


End-user

  Large enterprises
  Small and medium size enterprises


Geography

  North America

    US


  Europe

    Germany
    UK


  APAC

    China
    Japan


  South America



  Middle East and Africa

By Deployment Insights

The on-premises segment is estimated to witness significant growth during the forecast period.

The on-premises the market is experiencing substantial growth due to its ability to process and personalize customer data while maintaining data security within an organization's data centers or servers. On-premises CDPs offer customizable solutions tailored to specific business needs and unique data processing workflows, which may not be available in cloud-based alternatives. However, the need to upgrade hardware for data scalability is a consideration for on-premises CDPs. Key features of on-premises CDPs include data unification, identity resolution, data governance, data privacy, and data security. These platforms enable organizations to comply with data privacy laws, protect against data breaches, and address consumer concerns.

On-premises CDPs are particularly valuable for industries with large data volumes and complexities, such as advertising, healthcare services, telecom, media and entertainment, retail, and travel and hospitality. Integration with mobile devices, Short Message Service, and communication channels is essential for providing a seamless omnichannel experience. Machine learning and natural language processing technologies enhance data analysis and personalization capabilities. Cloud-based technology offers flexibility and cost savings, but on-premises CDP

Success.ai’s Company Data Solutions provide businesses with powerful, enterprise-ready B2B company datasets, enabling you to unlock insights on over 28 million verified company profiles. Our solution is ideal for organizations seeking accurate and detailed B2B contact data, whether you’re targeting large enterprises, mid-sized businesses, or small business contact data.

Success.ai offers B2B marketing data across industries and geographies, tailored to fit your specific business needs. With our white-glove service, you’ll receive curated, ready-to-use company datasets without the hassle of managing data platforms yourself. Whether you’re looking for UK B2B data or global datasets, Success.ai ensures a seamless experience with the most accurate and up-to-date information in the market.

API Features:

• Real-Time Data Access: Our APIs ensure you can integrate and access the latest company data directly into your systems, providing real-time updates and seamless data flow.
• Scalable Integration: Designed to handle high-volume requests efficiently, our APIs can support extensive data operations, perfect for businesses of all sizes.
• Customizable Data Retrieval: Tailor your data queries to match specific needs, selecting data points that align with your business goals for more targeted insights.

Why Choose Success.ai’s Company Data Solution? At Success.ai, we prioritize quality and relevancy. Every company profile is AI-validated for a 99% accuracy rate and manually reviewed to ensure you're accessing actionable and GDPR-compliant data. Our price match guarantee ensures you receive the best deal on the market, while our white-glove service provides personalized assistance in sourcing and delivering the data you need.

Why Choose Success.ai?

• Best Price Guarantee: We offer industry-leading pricing and beat any competitor.
• Global Reach: Access over 28 million verified company profiles across 195 countries.
• Comprehensive Data: Over 15 data points, including company size, industry, funding, and technologies used.
• Accurate & Verified: AI-validated with a 99% accuracy rate, ensuring high-quality data.
• API Access: Our robust APIs and customizable data solutions provide the flexibility and scalability needed to adapt to changing market conditions and business needs.
• Real-Time Updates: Stay ahead with continuously updated company information.
• Ethically Sourced Data: Our B2B data is compliant with global privacy laws, ensuring responsible use.
• Dedicated Service: Receive personalized, curated data without the hassle of managing platforms.
• Tailored Solutions: Custom datasets are built to fit your unique business needs and industries.

Our database spans 195 countries and covers 28 million public and private company profiles, with detailed insights into each company’s structure, size, funding history, and key technologies. We provide B2B company data for businesses of all sizes, from small business contact data to large corporations, with extensive coverage in regions such as North America, Europe, Asia-Pacific, and Latin America.

Comprehensive Data Points: Success.ai delivers in-depth information on each company, with over 15 data points, including:

Company Name: Get the full legal name of the company. LinkedIn URL: Direct link to the company's LinkedIn profile. Company Domain: Website URL for more detailed research. Company Description: Overview of the company’s services and products. Company Location: Geographic location down to the city, state, and country. Company Industry: The sector or industry the company operates in. Employee Count: Number of employees to help identify company size. Technologies Used: Insights into key technologies employed by the company, valuable for tech-based outreach. Funding Information: Track total funding and the most recent funding dates for investment opportunities. Maximize Your Sales Potential: With Success.ai’s B2B contact data and company datasets, sales teams can build tailored lists of target accounts, identify decision-makers, and access real-time company intelligence. Our curated datasets ensure you’re always focused on high-value leads—those who are most likely to convert into clients. Whether you’re conducting account-based marketing (ABM), expanding your sales pipeline, or looking to improve your lead generation strategies, Success.ai offers the resources you need to scale your business efficiently.

Tailored for Your Industry: Success.ai serves multiple industries, including technology, healthcare, finance, manufacturing, and more. Our B2B marketing data solutions are particularly valuable for businesses looking to reach professionals in key sectors. You’ll also have access to small business contact data, perfect for reaching new markets or uncovering high-growth startups.

From UK B2B data to contacts across Europe and Asia, our datasets provide global coverage to expand your business reach and identify new...