What is the GDPR?
First and foremost, the General Data Protection Regulation aims to strengthen the protection of personal data for individuals in the European Union, and it places obligations on every business that processes that data.
Whilst the UK will be leaving the EU at some point in the future, the GDPR still applies to UK businesses.
The regulation was adopted in April 2016 with a two year transitional period and applies from May 25th 2018, so by that date businesses need to have implemented the changes required to comply.
Is Your Business Affected?
If your business is based in the European Union, or is based elsewhere but offers goods or services to people in the EU or monitors their behaviour, then yes, you will need to comply with the GDPR.
What Do You Need to Do?
You will need to demonstrate that your business has implemented, or is implementing, technical and organisational security measures appropriate to the risk, so that all the data you store is kept secure.
There are five key points that we recommend you pay particular attention to. We have listed them below and invite you to get in touch and speak to one of our experts who will happily explain each of the points in detail.
Are There Penalties for Not Complying?
Fines for not complying are up to 10 million Euro or 2% of annual worldwide turnover (whichever is higher) for the lower tier of infringements, and up to 20 million Euro or 4% of annual worldwide turnover (whichever is higher) for the more serious ones, such as breaches of the data-processing principles or of users' rights.
How Should You Protect Your Data?
Personal data (customer, financial or otherwise confidential information) must be protected while it is being transferred: encrypt it in transit, for example with TLS between systems or with an encrypted message format, so that only the sender and the intended recipient can read it. The GDPR does not prescribe a particular algorithm; Article 32 names encryption and pseudonymisation as examples of the appropriate technical measures it requires, and the measures chosen have to match the risk.
Full disk encryption on servers, laptops and removable drives protects stored data if the hardware is lost, stolen or disposed of.
Encryption is only as strong as the handling of the keys: keep keys separate from the data they protect, control who can use them and rotate them. Plan deletion so that data can really be erased when a user exercises their rights, including the copies held in backups.
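One way to put key management and erasure together, as an added example that is not from this page or the company's own systems: each customer's records are encrypted with that customer's own AES-256-GCM key, kept apart from the ciphertext (an in-memory map here stands in for a key store or HSM, which is an assumption), and an erasure request is met by destroying that key, so copies of the ciphertext lingering in backups become unreadable. The names Store, Put, Export and Erase and the sample record are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Store keeps one data-encryption key per data subject, separate from the
// encrypted records. Erasing a subject's key makes every record encrypted
// under it unrecoverable (crypto-shredding). Assumed design, not the page's.
type Store struct {
	keys    map[string][]byte   // subjectID -> 32-byte AES-256 key (stand-in for a key store)
	records map[string][][]byte // subjectID -> ciphertexts laid out as nonce || ciphertext+tag
}

func NewStore() *Store {
	return &Store{keys: map[string][]byte{}, records: map[string][][]byte{}}
}

// keyFor returns the subject's key, generating a fresh random one on first use.
func (s *Store) keyFor(subject string) ([]byte, error) {
	if k, ok := s.keys[subject]; ok {
		return k, nil
	}
	k := make([]byte, 32)
	if _, err := rand.Read(k); err != nil {
		return nil, err
	}
	s.keys[subject] = k
	return k, nil
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Put encrypts plaintext under the subject's key with AES-256-GCM. The subject
// ID is bound as associated data so a ciphertext cannot be moved to another subject.
func (s *Store) Put(subject string, plaintext []byte) error {
	key, err := s.keyFor(subject)
	if err != nil {
		return err
	}
	aead, err := gcmFor(key)
	if err != nil {
		return err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	ct := aead.Seal(nonce, nonce, plaintext, []byte(subject)) // output is nonce || ct || tag
	s.records[subject] = append(s.records[subject], ct)
	return nil
}

// Export decrypts and returns all of the subject's records, as needed to
// answer an access request. It fails once the subject's key has been erased.
func (s *Store) Export(subject string) ([][]byte, error) {
	key, ok := s.keys[subject]
	if !ok {
		return nil, errors.New("no key for subject: data is unrecoverable")
	}
	aead, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	var out [][]byte
	ns := aead.NonceSize()
	for _, ct := range s.records[subject] {
		if len(ct) < ns {
			return nil, errors.New("ciphertext too short")
		}
		pt, err := aead.Open(nil, ct[:ns], ct[ns:], []byte(subject))
		if err != nil {
			return nil, err
		}
		out = append(out, pt)
	}
	return out, nil
}

// Erase honours an erasure request by destroying the subject's key. Any
// ciphertext still sitting in backups or caches is then as good as deleted.
func (s *Store) Erase(subject string) {
	if k, ok := s.keys[subject]; ok {
		for i := range k {
			k[i] = 0 // best-effort zeroing of the key material in memory
		}
		delete(s.keys, subject)
	}
}

func main() {
	s := NewStore()
	// Constructed sample record, not real customer data.
	_ = s.Put("customer-42", []byte("Jane Doe, 12 High St, card ending 1234"))
	recs, _ := s.Export("customer-42")
	fmt.Printf("exported %d record(s): %s\n", len(recs), recs[0])
	s.Erase("customer-42")
	_, err := s.Export("customer-42")
	fmt.Println("after erasure:", err)
}
```

In a real deployment the key map would be a KMS or HSM with its own access control and audit log, and the per-subject key would itself be wrapped by a master key so that rotation does not mean re-encrypting every record.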
Users Rights to Data
Users (data subjects) have a right of access: on request, a business must confirm what personal data it holds on them and supply a copy, in a commonly used electronic format where the request was made electronically. Where the processing is automated and based on consent or a contract, they may also ask for the data they supplied in a structured, machine-readable form so they can move it to another provider.
Users also have the right to have inaccurate data about them corrected and, in certain circumstances, to have it deleted (the "right to be forgotten").
Who Will Be Checking Your Business is in Compliance?
Compliance is enforced by each member state's supervisory authority (in the UK, the Information Commissioner's Office), which can investigate, audit and order changes. A Data Protection Officer is an internal role that some organisations are required to appoint (public authorities, and those whose core activities involve large-scale monitoring of individuals or large-scale processing of special categories of data); the DPO advises the business, monitors its compliance and is the contact point for the authority.
Fines can be issued for non-compliance, and the authority can also order the business to bring its processing into line, at its own cost.
Need More information?
Alternatively, please get in touch with us and we will do our best to help you. Phone Paul Jones on 02920 090015 or email email@example.com
You've really got nothing to lose! We'll let you try us free for a month and if you decide to stick with us we won't tie you into a long contract.