New legislation introduced from the EU means that businesses will face fines of up to nearly £17m if their data is breached. The UK is adopting the new standards from May 2018 in an effort to crack down on cyber security. The EU law, called the General Data Protection Regulation (GDPR), will introduce penalties for companies whose data is breached, and all companies are required to disclose when breaches occur and obtain consent to process citizens’ information. Current penalties can be as high as £500,000, but the new legislation can inflict penalties of up to four percent of global turnover or €20 million, whichever is larger, whether the breach results from a cyber-attack or human error.
Now is the time to ensure you have robust policies and procedures. In preparing your business for the GDPR you should be considering the following:
- Who is in charge?
- Are they knowledgeable and competent?
- Are the resources in place?
- Are the lines of reporting clear and robust enough?
- Who needs to know about GDPR? It is not just for IT, but Boards, HR teams, marketing and communication teams and anyone handling data.
- What data do you have?
- How/where is it stored?
- What is it used for?
- Are any third parties handling data?
- What security do you have in place?
- When looking at all the above, are there any gaps that have been revealed?
- What plans do you have in place to ensure these are taken care of?
Ensuring you are compliant is also an opportunity to see additional value in your data with new technologies and marketing prospects.
For more information about this and the ways in which we can help your business systems, saving you time and money and ensuring you are compliant, contact us.
01271 375271 01237 471881