The General Data Protection Regulation (GDPR) is a European Union data protection law. Effective May 25, 2018, GDPR imposes a wide range of requirements on organizations that collect or process personal data.
The main aim of the General Data Protection Regulation (GDPR) is to support consumer rights. It also sets out to provide clarity for businesses by establishing a single law across the EU that we all must adhere to.
The Information Commissioner's Office (ICO) provides a very good 12-point guide to everything you need to consider. We recommend that you go through this document and then look at our infographic below to identify your organisation’s needs.
Although some items are IT related, a large proportion of the compliance requirements concern the handling of data and the internal processes of the organisation. We recommend all customers seek legal advice.
It may seem like an onerous task to carry out, but once you have digested the ICO’s report you will have better clarity about what is required of you and your organisation. Certain processes are internal, such as appointing a Data Protection Officer (DPO) or documenting the data flows in your organisation and categorising which data is high risk and which is low risk. If a breach does occur, you will need to demonstrate that you have taken reasonable and sensible steps to prevent it. The ICO wants to clamp down on companies that are irresponsible with their customers’ data.
Take a look at our infographic:
Once you have read the ICO report and had a look at our infographic, speak to us to find out how we can best support you in your IT practices and requirements.
It may be that you need a penetration test to see how vulnerable your network is, or that you want to put encryption software on all laptops belonging to staff at Director level or above. If a laptop is then lost or stolen, no one else can get into the data stored on it, and we can wipe it remotely from a central console.
It might be that you want two-factor authentication on certain desktops, or that you want a staff training portal where you can train all the staff simultaneously and monitor where your vulnerabilities lie. We have numerous solutions that can help you promote a safer and more robust IT environment and help you comply with the General Data Protection Regulation.
We are based in Salford Quays, Manchester and offer computer hardware and IT support. To find out more give us a call on 0161 233 0099.