As we have moved into the digital age, the use and misuse of data have evolved and increased exponentially. On 25th May 2018, the GDPR replaced the Data Protection Act of 1998, bringing in legislation that tackles the modern threats to data.
What is GDPR and does it affect me?
If you collect, store or process personal data that can be linked to an individual, by name or other identifiers, then GDPR will affect you.
The General Data Protection Regulation (GDPR) seeks to create a data protection law framework across all organisations that manage, process and control data, and aims to give control of personal data back to the individual. The reform imposes strict rules on those hosting and processing this data, anywhere in the world.
What will I need to adhere to?
GDPR compliance will mean a legal requirement for you to:
- Have a lawful purpose for collecting the data
- Only collect the minimum data you require for that purpose, and hold it for no longer than is necessary
- Process and store the data securely – whilst also ensuring that it is accurate and up to date
- Ensure that you can provide the data subject with the data you hold upon receipt of a legitimate request
What if I fail to protect data under GDPR?
If you are found to be in breach of the Regulation then the fines are potentially catastrophic.
If personal data is lost or stolen then you must inform the Information Commissioner’s Office (ICO) within 72 hours of discovery. The ICO may then choose to investigate how the data loss or security breach has occurred, and whether or not you have been in compliance with GDPR.
- Rogue employees
- Ransomware attacks
- Honest mistakes
- Phishing emails
- Technology failures
How can Microtrading help with my GDPR compliance?
We can help you put in place the practical and technological solutions that will keep your sensitive data safe and fulfil your obligations under the GDPR.
Microtrading offers a comprehensive range of data protection services that keep safe both the sensitive data you hold on individuals and that of your own company and staff.
- Hardware firewall with gateway services – delivering multi-layered protection that prevents hackers from gaining external access to your network
- Patch management and updates – keeping your software up to date with the latest vendor updates and patches, using our automated patch management system
- Backup management – maintaining regular backups to mitigate the risk of data loss and get your business back up and running with minimal disruption following a failure, malware attack or other major outage
- Data encryption – we can encrypt company data held on PCs, laptops, tablets or mobile phones, keeping it safe if these devices are lost or stolen
- Digital rights management – restricting and managing access to sensitive data; this includes who can access it, where they can access it and what they can do with it
How do I find out more?
If you’re interested in knowing more about the GDPR, visit the ICO’s website. There you will find lots of useful information about the regulation, how it will impact your organisation and the steps you need to take to ensure compliance.
We can help you too. Using technology to discover, manage, protect and report on the sensitive information you hold can accelerate your path to compliance. Contact our team on 0121 784 0077 for advice and guidance on how we can help you to comply.