General Data Protection Regulation (GDPR)
GDPR comes into force in May 2018, having been adopted by the European Parliament in 2016. It will supersede all existing national data protection laws, and if your organisation is in the EU and holds data (relating to clients and/or employees), then GDPR applies to you.
GDPR is the most significant development in data privacy regulation in over 20 years. The purpose of the legislation is to protect the rights of private citizens. Businesses and organisations need to take steps to ensure that they are compliant with the legislation because failing to do so can have significant implications for your organisation.
What You Need to Know
If you fall foul of this legislation through non-compliance, your organisation will be fined and will suffer reputational damage. Breaching GDPR can result in a fine of up to 4% of your global turnover or €20 million. Therefore, with this legislation coming into force, you will have a serious and legally enforceable obligation to discharge.
What Can BITS Do to Help?
Anything to do with data (GDPR) is intrinsically linked to your IT systems. Most organisations hold data in many places with varying degrees of security surrounding those devices/solutions. A mix of laptops/PCs, cloud storage, email, on-site servers, not to mention tablets and phones, are all potentially holding client data. From a data protection point of view, you need to show knowledge of where your data is, and to be able to demonstrate how it is secured in line with GDPR standards.
At BITS, we understand all the IT aspects of GDPR and we offer the following to help organisations/businesses with their GDPR compliance:
- Carry out an audit of the computer network and determine all the locations where data is currently stored.
- Produce a report from the above audit and make recommendations to deal with any gaps that arise.
- Review any current Data Protection Policy that the organisation has in place.
- Where no policy is in place, we will create an IT Security and Data Protection Policy customised for your organisation.
- We will work with you to understand what a “Data Protection Officer” is and their significance in the organisation.
- We will provide you with a document that can be furnished to all staff who are involved with data collection for the organisation.
- Carry out penetration tests (tests that evaluate the ability of your IT infrastructure to withstand exploitation).
- Ensure all sensitive data is encrypted.
Prevention is better than cure. Contact us today!