
15th September 2017

A Quick Guide to the imminent General Data Protection Regulation

Please take 5 mins to read the following because it will be applicable to ALL businesses and organisations and isn’t just something for your IT department to sort out!

What is the GDPR?

First and foremost the General Data Protection Regulation aims to further strengthen data protection for all businesses and individuals residing within the European Union.

Whilst we (UK) will be leaving the EU at some point in the future, this is still applicable to all of us.

The regulation comes into force on May 25th 2018, which will start a two-year transitional period for all businesses to implement the changes they need to make to comply.

Is Your Business Affected?

If your business is based in the European Union and deals with customers located here then yes, you will need to comply with the guidelines set out in the GDPR.

What Do You Need to Do?

You will need to demonstrate that your business has implemented, or is implementing, the appropriate level of security to keep all data you store secure.

There are five key points that we recommend you pay particular attention to. We have listed them below and invite you to get in touch and speak to one of our experts who will happily explain each of the points in detail.

  1. PCs and laptops will require full disk encryption.
  2. Initially all data will need to be password protected, and eventually it will require encryption.
  3. Individual files will need to be encrypted before transferring them to others.
  4. Admin passwords will be required when connecting hard drives and USBs to transfer data from and to PCs and laptops.
  5. Processes will be needed for generating cryptographic keys, so that new encryption keys can be generated whenever they are needed, rendering the old keys useless.

Are There Penalties for Not Complying?

Fines for not complying range from 2% of turnover for smaller breaches of the GDPR up to 4% of turnover or 20 million euros (whichever amount is larger) for more serious failings.

How Should You Protect Your Data?

Data containing personal/customer/confidential financial information being transferred must be encrypted using symmetric or asymmetric methods to increase security and only allow the sender and recipient access to it.

Servers and hard drives will require full disk encryption.

Data will need to be better protected using robust key management, and the deletion of files must comply with the user’s rights.

Users’ Rights to Data

Businesses will be required upon request to provide users with the information they might have on them and will also be responsible for supplying an electronic version of it.

Users will also have the right to request that the information about themselves is modified or deleted.

Who Will Be Checking Your Business is in Compliance?

Data Protection Officers will be charged with ensuring the GDPR is being complied with in businesses. Officers will undertake thorough checks to ensure the correct procedures are being followed and mark the company’s system against the standards set by the GDPR.

Fines will be issued to those not complying as well as the requirement for the company to pay the costs to implement whatever changes are required.

Need More Information?

This is a useful government website that provides plenty of useful information.

Alternatively, please get in touch with us and we will do our best to help you. Phone Paul Jones on 02920 090015 or email pj@redtree-it.co.uk
