General Data Protection Regulation (GDPR)
From 25th May 2018 your organisation will be subject to the General Data Protection Regulation (GDPR); failure to adhere to it is punishable with swingeing fines.
GDPR establishes data protection as a fundamental human right and includes a “right to the protection” of personal data. Anyone based in the EU, or anyone handling or targeting the personal data of an EU-based individual, must have processes, technology, and automation in place to effectively prevent personal data from being misused or lost to hackers. GDPR is policed by the Information Commissioner’s Office, whose function is to uphold information rights in the public interest. As an organisation you will need to register with the Information Commissioner’s Office (https://ico.org.uk/). Wizards can help you understand both your obligations and the mechanics of compliance: contact us on 0333 241 7707 or use firstname.lastname@example.org.
Penalties for Non-Compliance?
GDPR is a serious business: your organisation can be fined up to 4% of annual global turnover or €20 million for breaching GDPR.
What Are Your GDPR Security Obligations?
GDPR requires that data be secured by the following means:
- Transport and Storage: Encryption
- Big Data: Anonymization and Pseudonymization
- Working Procedures: Privileged User Access Control
- Architecture: Fine-grained Access Control
- Database design: Data Minimization
Monitor to Detect Breaches
- Audit data
- Monitor and alert in a timely manner
- Quality of Protection measurement
What Does Brexit Uncertainty Mean for GDPR?
If your business sells goods or services in other EU countries you must comply with the GDPR, irrespective of whether the UK retains the GDPR post-Brexit. If your activities are limited to the UK, the position is much less certain. What is clear is that the UK Government has indicated it will implement equivalent or alternative legal mechanisms, and such legislation is likely to follow the much-discussed and agreed-upon standards set by GDPR, especially as GDPR provides a clear baseline against which UK business will access the EU digital market.
GDPR: What Should You Do?
Time is pressing on: GDPR compliance is a major task and needs to be started now. Wizards are here to help with GDPR. For more detail on these and other services, contact us on 0333 241 7707 or use email@example.com.
Ian Charles (Wizards) and Steve Cassidy (PC Pro) discussing your obligations under the General Data Protection Regulation (GDPR)