General Data Protection Regulation


The GDPR Deadline for Compliance!   

The General Data Protection Regulation (GDPR) goes into effect in May 2018. Is your business ready? If you're like most companies, the answer is probably no. With all businesses required to be 100% compliant by May 25th, 2018, and fines of up to 2-4% of global revenue for non-compliance, the pressure is certainly on to comply.

Currently, the UK relies on the soon-to-be out-of-date Data Protection Act 1998. The GDPR introduces bigger fines for non-compliance and any data breaches, and gives people more say over what businesses can do with their data. It also makes data protection rules more uniform across the EU. Even with Brexit, the UK will still abide by this new regulation.

Even if you are a small business, if you hold data on your customers you need to take steps now to comply with this new regulation and avoid being fined once the GDPR goes into effect in May 2018.

Cornwall IT can help you become compliant, drawing on our knowledge of GDPR and the various IT tools we offer.

Download our Recommended GDPR Guide

What is GDPR?

GDPR stands for General Data Protection Regulation. This is new UK legislation that defines good business practice for handling personal data. Businesses that are non-compliant run the risk of being fined.

Fines? What Fines?

The main reason for becoming compliant with GDPR is the huge fines for non-compliance if you are investigated or your business suffers a data security breach. Fines are up to 4% of a business's annual turnover (not profit!) or £20 million – whichever is greater!

How likely is my business to be investigated, and couldn't I hush up a data security breach?

From May 2018 it will be law to report data security breaches to the regulator and those affected within 72 hours of discovering the breach. Hushing it up would have serious repercussions for your business when this is found out. It would also damage your business's reputation.

When is it happening?

GDPR is due to become UK law in May 2018.

Are UK companies already doing anything about it?

Unfortunately, a lot of UK companies have yet to take any action with regard to GDPR despite already being aware of it. With less than a year before the deadline, time is fast running out for companies to get themselves ready. The first step is to identify security risks that can be fixed straight away.

If this is an EU law, what about Brexit?

The GDPR is of course an EU initiative and the UK is of course leaving the European Union. Having said that, the UK’s digital minister has already made it clear that the government intends to amend the current UK data protection law to mirror the GDPR. So Brexit is no excuse for non-compliance.

What does this mean for my business?

The main part of GDPR is about the processes of your business – how you get consent to capture and keep personal data. The technology side of things relates to being able to show that you have the strategies in place to secure and protect that personal data.

Do I need to hire more staff to deal with GDPR?

Some businesses will need to appoint a “data protection officer” to help them comply with the GDPR requirements. For example, all public authorities will require a data protection officer.

Where can I find out more information?

The Information Commissioner’s Office is the independent authority set up to uphold information rights and they are a good source of detailed information. There’s some useful content from Kyocera on printer vulnerability.
