Is your Business prepared?
Preparing your business for a new era in privacy regulation. The one-year countdown begins.
Less than a few months remain until the General Data Protection Regulation (GDPR) takes effect.
The extended EU data protection laws come into effect on 25th May 2018 and will affect all businesses in some way or other. If you want to be certain your business will comply, and avoid the potentially hefty financial penalties that failing to comply with this new regulation will bring, the time to start preparing is now.
Compliance with GDPR is going to mean all companies will have to alter their data security practices to some degree. If your business collects, manages or handles personal data in any way, it’s highly likely that you’ll have to comply with the new General Data Protection Regulation (GDPR). The definition of what constitutes personal data has also widened.
What does this mean for your business? It means internal IT security systems and policies will require change in some way or form.
The systems used by businesses to create, store, analyse, share and manage data can be spread across a wide array of IT environments—personal devices, on-premises servers, cloud services, even the Internet of Things. Cyber security, data privacy and data breaches will need to be top-of-mind.
The overriding question is whether data is at risk and which practices and technologies will effectively reduce those risks.
We are aware that the increased obligations the GDPR places on companies might cause some anxiety for businesses. Our aim is to alleviate some of those concerns and facilitate a smooth transition to future data privacy standards.
Have you started your journey towards GDPR compliance?
Speak to us, we can help you get there.
What is the GDPR?
Known as the General Data Protection Regulation (GDPR), the law imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.
The GDPR emphasises transparency, security and accountability by data controllers, while at the same time standardising and strengthening the right of European citizens to data privacy.
So where should you start?
GDPR introduces new elements and significant enhancements which will require detailed consideration by all organisations involved in processing personal data. The new regulation contains many requirements about how you collect, store and use personal information. Some elements of GDPR will be more relevant to certain organisations than others, and it is important and useful to identify and map out those areas which will have the greatest impact on your business model.
We recommend you begin your journey to compliance with the GDPR by focusing on the following:
- Carry out a review of all current or envisaged processing in line with GDPR
- Outline the new obligations under the GDPR which will apply to your organisation
- Map the gap that exists between your existing state of compliance and the standard required under the GDPR
- Outline the changes you would need to make to achieve compliance with the GDPR, prioritise these changes, quantify the cost and create a roll-out plan with