Are you ignoring GDPR?

On 25 May 2018 the General Data Protection Regulation (GDPR) came into force. The European Union Parliament and Council developed GDPR to harmonise and strengthen the rights of data subjects across Europe, including when data is transferred to third-party countries.

In addition to the existing Data Protection Regulations, GDPR now:

- enhances some of the rights of individuals that currently exist under the DPA
- creates new rights such as the right to be forgotten and the right to erasure
- provides for increased accountability and processes to demonstrate compliance. For example, all public authorities will need to have a Data Protection Officer and the consent requirements are much higher
- requires breaches to be reported to the Information Commissioner's Office within 72 hours, with potential fines for breaches of up to €20 million

GDPR ensures that any data breach is treated seriously: organisations now have to disclose breaches or face consequences. All too often an organisation’s first response is to protect its reputation by covering up a breach.

There is now governance, and organisations must share accurate information about the data they hold and how they use it. Probably the most important development is the ‘right to be forgotten’. eDiscovery is now essential and organisations must be able to lay their hands on data. Failure to comply is regarded as a failure at boardroom level.
