April 2024 – Newsletter Update Part 1

We recognise that staying on top of changes to legislation and advice can be difficult. Here are some articles and alerts we’ve seen lately that we think you should be aware of, or might be interested in.

Please note that we’ve included links below to external websites. PCML consultants are not responsible for the content of any external websites.

We’ve collated the below from alerts and bulletins that we receive from UK Government agencies and others. You can find links to those sources and others on our website. We’ve linked to that page on our website at the end of this email.

This update includes Information Security, Environment, Health & Safety and Quality – click to jump to the relevant section.

Due to the volume of information to share relating to the recent quarter, we are splitting this issue of our newsletter into two parts:

Part 1 – Legislative changes covering Information Security, Environment, Health & Safety and Quality
Part 2 – Security threat and vulnerability intelligence, support for awareness raising and other information security news

Information Security

If you are an IT professional, these articles may be of direct use to you. If you are a manager with responsibility for information security and an in-house or outsourced IT function, you may wish to check that they are aware of this advice.

Legislative changes

Published legislation

The following security-related legislation came into effect during the quarter.

Name: Various commencements to the Online Safety Act 2023
Potentially affected Management Systems: Security
Anticipated impact on Infosec subscribers: Low
High level summary: Regulatory and enforcement commencement act

The Online Safety Act 2023 is already recorded on the Infosec Legislation portfolio

Other published

The UK and US Governments have signed a memorandum of understanding to develop tests for advanced AI

Consultations etc.

  • The UK Artificial Intelligence (Regulation) Bill passed its second reading in March

  • The Information Commissioner’s Office (ICO) is also consulting on generative AI with respect to data protection – see the ICO update info below

  • Consultation on the Cyber Governance Code of Practice closed in March. It sets out the critical governance areas directors need to tackle in order to protect their organisations. The Code is designed to be simple to use, with the relevant information all in one place. It is for organisations of all sizes.

Environment

Legislative changes

No new principal legislation and no other relevant legislation was identified in this quarter.

Health & Safety

Legislative changes

Name: The Merchant Shipping (Special Measures to Enhance Maritime Safety) Regulations 2024
Potentially affected Management Systems: Health and Safety
Anticipated impact on Infosec subscribers: Specialist
High level summary: Implement provisions of Chapter XI-1 (special measures to enhance maritime safety) in the Annex to the International Convention on the Safety of Life at Sea, 1974 (“the Convention”) which are not already implemented in other United Kingdom legislation.
Reflected on Infosec?: No. Infosec Legislation customers – Please inform us if you feel this is relevant to your organisation, and require it adding to your legislation portfolio

Name: The Higher-Risk Buildings (Keeping and Provision of Information etc.) (England) Regulations 2024
Potentially affected Management Systems: Health and Safety
Anticipated impact on Infosec subscribers: Specialist
High level summary: Supports elements of the Building Safety Act. The Building Safety Act 2022, which this legislation supports, has been added to the Infosec portal, and this legislation has been referenced from it. Please inform us if you feel that legislation is relevant to your organisation, and require it adding to your legislation portfolio
Reflected on Infosec?: No. Infosec Legislation customers – The Building Safety Act 2022, which it supports, has been added and this legislation referenced from it. Please inform us if you feel that legislation is relevant to your organisation, and require it adding to your legislation portfolio

Name: Various commencements to the Building Safety Act 2022
Potentially affected Management Systems: Health and Safety
Anticipated impact on Infosec subscribers: Specialist
High level summary: Regulatory and enforcement commencement act. The Building Safety Act 2022, which this legislation supports, has been added to the Infosec portal. Please inform us if you feel that legislation is relevant to your organisation, and require it adding to your legislation portfolio
Reflected on Infosec?: No. Infosec Legislation customers – The Building Safety Act 2022, which it supports, has been added and this legislation referenced from it. Please inform us if you feel that legislation is relevant to your organisation, and require it adding to your legislation portfolio

Consultations etc.

  • Consultation on The Terrorism (Protection of Premises) Bill (aka Martyn’s Law) closed in March. This legislation aims to improve public safety at events following the Manchester Arena Bombing in 2017. We reported on this in the Q3 2023 update

Round-up of posts and announcements by the Health and Safety Executive (HSE) released in the quarter

  • April is stress awareness month

  • Updated guidance on RIDDOR reporting published. The HSE stressed that the legal requirements have not changed. This guidance is to help users understand the circumstances under which they should submit reports under RIDDOR

  • Guidance on protecting workers from violence and aggression at work including lone workers and advice for workers

  • Guidance on controlling legionella bacteria in evaporative cooling systems updated. More info about legionella and legionnaire’s disease here and here

  • Updates on first aid at work guidance – on regulations and on selecting first aid training providers

  • ‘Asbestos – your duty’ campaign. Updated guidance on duty to manage asbestos published and refreshed asbestos guidance

  • New posters to help workers, building owners, landlords, employers or persons responsible for building maintenance on where asbestos is most frequently found in buildings. Industrial and residential

Quality

No new principal legislation was identified in this quarter. The only relevant legislative changes were minor amendments to the Russia Sanctions Regulations that are already summarised on the InfoSec portal.

Name: Various minor amendments to the Russia (Sanctions) (EU Exit) Act
Potentially affected Management Systems: Quality
Anticipated impact on Infosec subscribers: Low
High level summary: Further ongoing amendments to the scope of goods and services covered under the Russia Sanctions Act

If you would like to discuss any of the topics we have covered in this newsletter, or would like to know more about how PCML Consultants can help you with your Security, Quality, Environment, H&S and Business Continuity objectives, then please don’t hesitate to get in touch.

Here are some more helpful links which may be of use