GDPR

 

What is Data Protection Regulation (GDPR)?

GDPR stands for General Data Protection Regulation and replaces the previous Data Protection Directives that were in place.

It will introduce challenges in terms of data processing, security, privacy, access, breach notification and failure to comply could result in your organisation being fined.

You should also be aware that GDPR covers more than just cyber security. It covers what personal data is, how and when you are allowed to collect it, and what you can and cannot do with it.

 

When does GDPR come into force?

It was approved by the EU Parliament in 2016 and on 25 May 2018, the new EU General Data Protection Regulation (GDPR) will come into effect.

 

What could be the impact on your business?

There are two headline grabbing impacts from the new law.

Firstly, you cannot keep breaches of personal data secret and just deal with them internally. Instead, there will be a legal requirement to report a breach to the Information Commissioner’s Office (ICO) within 72 hours.

Secondly, under GDPR, potential fines from the (ICO) increase from a current maximum of £400,000 to up to 4% of global turnover (whichever is greater).

 

Am I safe if I have outsourced my IT?

No, you cannot simply blame a third party. You have responsibility in the selection and ongoing monitoring of any third-party processors of your data. Without evidence of appropriate due diligence, you can still be fined heavily for a breach of their IT systems.

 

What should I be doing now?

Do you have the skills in house to manage your GDPR compliance programme?

Are you looking for best practice advice?

Do you need help starting to scope the project, or require support reviewing your incident response and management processes?

 

Our expert team can help!

 Contact Us

 

Maxim Services Group has extensive experience preventing and dealing with cyber security breaches.

With you every step of the way to GDPR compliance!

 

For more information about our GDPR services, take a look at our GDPR Readiness Guide

 Contact Us