Time to Act on GDPR

Time to act on GDPR

Data security has always been a serious topic, because it’s one of the main planks of IT use, but it’s about to get even more serious for everyone.

Typically when planning your IT, you would start with the hardware. After that the priority very quickly becomes to secure and backup the data that exists on or flows through that hardware.

Very soon, though, the way you manage and protect your data is going to move even further up the agenda – possibly even to be considered before the hardware and networks.

That’s because new data laws (in addition to these…), which have existed for almost the last two years, are going to begin being enforced from next May and they come with very hefty fines for anyone who doesn’t take them seriously.

Hopefully by now you’ve heard of the General Data Protection Regulation – or GDPR, as it’s more commonly shortened to.

It’s a huge redesign of the Data Protection Act we’ve been familiar with for decades now and it applies across European Union countries. The fact that our destiny is to leave that club does not matter, because the law will already be in force and we will need to follow it if we are to continue to do business with Europe and the people who live there.

There are some key things to understand about GDPR:

– It puts the focus on the proper management of data, from securing it to ensuring you have a legal basis to hold it in the first place and that the people you hold information on have simple and timely access to it (among other new rights).

– If you are found in breach of the GDPR rules, there are fines available to regulators which far outstrip the measures available to them now. A fine that might run into the tens of thousands under the Data Protection Act can quite literally be into the tens of millions of pounds under GDPR. They can reach up to four per cent of an organisation’s global turnover. That’s really something to think about!

– GDPR is not just about draconian laws, it’s a revisiting of the value of data for the digital age. It’s about making sure that those who hold data are able to unlock its value, perhaps by mining it, combining it with various sources, selling it on and modelling it to tell us things about the world that we couldn’t otherwise know. In order to do that, it has to be accurate and legitimately held and properly protected. That’s in everyone’s interests.

GDPR and You

The big question is: what does this mean for you and your business?

In short, it means you need to be preparing now to make sure you meet the requirements of GDPR. You need to know what data you hold, how and where you hold it, who has access to it, whether it is up-to-date, whether it is secure and whether you have rights under GDPR rules to have it.

When you know that, you need to be able to document your systems and how they are operated, have justifications in place for who can see and use data and have ways to record when and by whom the data is accessed. There must be ways to quickly provide data to the people it is about if they ask and methods to transfer their data to other processors if they request you to do so (a right the data subject is given under GDPR).

Some of this is organisational, but much of it is technical. Many of the huge fines we are going to see will be as a result of data breaches and loss. If you haven’t taken appropriate, demonstrable steps to make your systems secure you risk being held expensively accountable.

So, a great starting point is to examine your IT. Have you got all of the security angles covered, including staff training? Have you checked that all of your data is held in the places where it should be (no copies of databases on staff desktops, or duplicates in unofficial cloud accounts…)?

If you haven’t started already, now is the time to get familiar with GDPR, start an audit, create a plan and ask your IT department or service provider where the gaps might be.

If you don’t know where you stand or where to start with securing your systems and communications, you can pick up the phone to us. Whatever you do, don’t let the May 25th 2018 implementation date arrive without having done anything!

Budget Didn’t Light Up Our Fibre

Get Your IT Systems Something for Christmas

Back to Insights

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Time to Act on GDPR

Time to act on GDPR

GDPR and You

Smart Tactics to Reduce Cloud Waste at Your Business

Uh Oh! You’re at Greater Risk of Malware than Ever Before

Be Careful When Scanning QR Codes – There’s a New Scam Going Around!

Be More Productive with these Microsoft Edge Features

5 Cybersecurity Predictions for 2024 You Should Plan For

Is This the Most Dangerous Phishing Scam Yet?

What is Microsoft Security Copilot? Should You Use it?

The Advantages of Contracting with an IT Company Over Break/Fix Arrangements

Cyber Attacks: Stronger, Faster and More Sophisticated

Online Security: Addressing the Dangers of Browser Extensions

The Little Things that make a Big Difference

Workspaces, a VPN and More – Learn the Newest Microsoft Edge Features

And the award for most common phishing scam goes to…

Examples of How a Data Breach can Cost Your Business for Years

Demystifying Data Encryption: Safeguarding Your Digital World

How Small Businesses Can Approach Workforce Technology Modernisation

Which Ransomware Payment Option is Best? (Hint: None)

Top Data Breaches of 2023: Numbers Hit an All-Time High

Bridging the Trust Gap Between Your Employees and AI

9 Tips for Setting Up AI Rules for Your Staff

Don’t Think Your Business is a Target? Think Again

Gamers Beware! Hackers are Targeting You

This New Search Feature in Edge is a Revolution

The Proactive Advantage: Fortifying Business Resilience through Monitoring

Here’s What’s in Store for the Last Ever Windows ‘Moments’ Update

How Can You Leverage the MS Teams Payment App

Microsoft Wants you to Pay for Updates

11 Ways to Responsibly Get Rid of eWaste at Your Home or Office

Are You Ready for Next-Gen Email Security? (YES!)

Beware of These 2024 Emerging Technology Threats