Published on Mar 24, 2020
With the new privacy laws that have come into play since May 2018, companies that gather, process and store personal data belonging to individuals are obligated to do so under strict conditions.
Invariably, data “leaks” come in many forms; data can be lost, stolen or corrupted – the latter being more favourable. However, data that is stolen or accessed by unauthorised persons is at the heart of the GDPR directive.
The acronym stands for General Data Protection Regulation, which was first announced in January 2012 and took 4 years to finalise.
The GDPR reforms are designed to ‘future proof’ Europe as we align more with the digital age. The guidelines are centred around consent, privacy and data handling.
Essentially, companies need to have your consent before they can gather, process and store any personally identifiable data. As our lives revolve around digital information, the need to protect individual privacy has become much more apparent.
Any data that can identify an individual is covered by the GDPR Directive: data such as name, address, date of birth, credit card numbers, National Insurance number, driving licence and store cards, etc.
All organisations have to ensure, firstly, that they gather any personally identifiable data with the legal authorisation/consent of the individual and, secondly, that the data is held securely on any systems. Finally, the data cannot be shared with third parties unless the individual has consented to it.
As the GDPR has been enforceable since May 2018, organisations are liable to pay fines of up to €20 million or up to 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater.
Although the UK is leaving the EU, any organisations doing business with EU member states will need to ensure data is handled accordingly. It has been suggested that the UK will adopt a similar law after Brexit.
We have helped several organisations secure their networks, servers and data processing techniques both online and offline.
I believe that even after Brexit, and even if your organisation does not deal with EU members, the guidelines of GDPR are useful and can protect your customers' data from unauthorised access. It is worth the hassle if it means your customers have peace of mind, knowing their personal information is stored safely and securely.
We can analyse your networks, servers and websites to ensure best practices are followed and that the latest technology is enabled (which in many cases is already present but not configured). Implementation can take as little as a few hours, depending on the size of your data.
Give us a call for a free consultation today: 0333 577 1104.