The General Data Protection Regulation (GDPR) is a regulation set to be enforced from 25 May 2018. It is set to strengthen and unify data protection for all individuals within the European Union.
GDPR will affect both small and large businesses, and if you are currently subject to the Data Protection Act, it is likely that you will also be subject to the GDPR.
If personal data gets stolen after a cyber-attack, companies are obligated to report the breach, including the victim of the data breach, within 72 hours of realising it. What’s more, the definition of ‘personal data’ has been extended to include extra categories such as your computer’s IP address or your genetic make-up: essentially anything that may possibly be used to identify you.
Will Brexit affect GDPR’s Enforcement?
The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.
What Does This Mean for You as a Business Owner?
Every business is aware of the requirement for the constant transmission of confidential data, especially where a database for client information is used. Therefore, it is essential that companies look into GDPR now so they can avoid any breach of this legislation.
Companies that are not compliant with the GDPR are liable to pay huge fines. This could be a fixed sum or 4% of global turnover, which cuts substantially into company profit, something any business owner would naturally wish to avoid.
The electronic financial transactions specialist Consult Hyperion forecasts that European financial institutions could face fines totalling 4.7 billion euros (equivalent to £4.1 billion or $5.3 billion) in the first three years following the enforcement of GDPR.
So what precautionary measures can businesses adopt to avoid a breach?
It is inevitable for businesses, whether small or large, to be transmitting data deemed private, hence it is fundamental that employers are vigilant to the likelihood of a breach.
Moreover, it is critical to undertake the necessary steps so that security is assured.
A lot of the response may revolve around staff being trained and compliant with procedures; however, this issue is far more involved. Alongside these ‘people first’ approaches there are many technical processes that Computer Assistance can help you implement to safeguard your data.
These steps might include:
1. The use of two-factor authentication: data may be present in emails when in fact it ought to be stored in separate systems. This also covers remote access to systems such as remote desktop environments.
2. Full disk encryption, which prevents file-system access in instances where company laptops are used outside of company premises, or in the event of theft or misplacement.
3. If information is exchanged with external parties through email, it should be a prerequisite that the email is encrypted in transit.
4. Systems to audit files for identifiable information and regulate who can access, share and move data; cloud systems are available that allow you to monitor and trace the use of ‘at risk’ data. This can often integrate with your current file storage.
5. Lastly, in regard to the use of removable storage, firms might want to regulate this by restricting access and ensuring that the devices are encrypted, so that any data stays within the organisation.
Many of the stipulations of GDPR are already covered by the UK’s Data Protection Act. But simply put, organisations need to keep records of all personal data in order to prove that consent was given.
Furthermore, they need to demonstrate where the data is going, what it is being used for, and how it is being secured. With regard to GDPR, accountability is the new watchword.
If you wish to discuss any concerns or queries you may have, you can contact us directly.
Still concerned about how GDPR might affect your business? That’s where we can help. Why not treat yourself to peace of mind by having a full consultation with Computer Assistance?
Feel free to give us a call on 01865 717088 and book a time that’s comfortable for you to come to the shop. From there, we can have an in-depth discussion with you about GDPR and what other issues may arise with your business.
While you’re at it, why not join our newsletter? We’ll send you a message when our next blog post is up and ready to read. You’ll also receive some exclusive tips and information, as well as discounts on device repairs you book in with us! So, check the footer of this page, fill in your e-mail address and click Sign up. That’s all there is to it!