“Just wanted to say thanks for all the effort and support you provided last week. If they ever introduce an Olympic event for ploughing through excessive bureaucracy you’d be a dead cert for gold”
Data security is critical. Recently, high profile cyber-attacks have made global news, but not all data breaches are malicious or criminal in nature. Some arise from negligence or ignorance, but even so, their impact on a business can be enormous. Alongside disruption and financial effects, an organisation’s reputation can also be badly damaged.
The protection of individual’s data in the face of security lapses and attacks is now a priority. To ensure businesses act, the EU has adopted a new regulation known as General Data Protection Regulation or GDPR. This was enforced on 25 May 2018 and carries significant penalties for infringement. Fines can be up to whichever is the greater of €20 million or 4% of business turnover.
GDPR contains several provisions:
Even though this is EU legislation, the UK’s Information Commissioner’s Office is working to align UK legislation with GDPR. As so much business is conducted across borders and data is stored in the cloud, this is the logical approach. It’s highly likely that to trade with EU countries in the future, UK organisations will have to comply fully with GDPR.
Many organisations are not ready for the changes and should act now because GDPR should not be underestimated. Employees will need education and training, processes will need reviewing and data types, usage and sensitivities will need to be assessed. The appointment of a Data Protection Officer could also be required.
Various steps need to be undertaken to prepare, and Urban IT is ready to support your business through this process. We use a tailored approach because every organisation will need to address different issues during the transition to compliance.