We`re just sending through your details

Please give us a few moments whilst we get your account ready.

OKAY

Questions? We Take the What, When and How Out of GDPR

Questions? We Take the What, When and How Out of GDPR

posted in Cyber-Security ● 25 May 2017

With the General Data Protection Regulation (GDPR) set to take effect in a year and a day, Redstor cut back the jargon and give you the answers you need.

What?

GDPR, replaces the previous Data Protection Directive (DPD), adopted in 1995, and will in the UK, replace and strengthen the Data Protection Act (DPA). One of the initial differences between GDPR and DPD, is that GDPR is a regulation not a directive; as a regulation, no additional enabling legislation will have to be passed by governments of member states.

Key points under GDPR include:

  • More focus on the protection of personal data
  • Higher fines for non-compliance (€20 million or 4% of global revenue)
  • Breach notifications must be reported in 72 hours.
  • Organizations will be effected globally

When?

GDPR has been making headlines for some time and it is more than likely you’ve heard or read about it. The General Data Protection Regulation, was first proposed by the European Commission in 2012 and following lengthy consultancy stages and talks became law in May 2016. At this stage member states were given a 2-year period in which to become compliant with the regulation.

  • The 2-year period ends on May 25th 2018, when GDPR becomes active.

How?

Each member state is responsible for complying with the Regulation as this will become European Law, they then have the powers to create additional legislation in certain categories and around ‘special data’.

Each member state or union will have to regulate the new laws and the relevant supervisory authority will be responsible for investigating data breaches and assigning penalties as necessary

  • In the UK this is the Information Commissioners Office (ICO)
  • In Germany this is The Federal Commissioner for Data Protection and Freedom of Information

As the regulation effects all organizations who hold or process data on any European citizen or organization, it has been called the Global Data Protection Regulation by some.

Preparing

To ensure your organization is prepared for GDPR it is important to gain an understanding of the legislation that will affect you, your responsibilities and importantly of your data.

Organizations are likely to have to implement, or at least update, data protection policies that are in place. It is important to take ‘technical and organizational measures’ to ensure data is protected and the risk of data breach is minimized.

To find out more information around the GDPR and how you can ensure compliance, download the Redstor whitepaper for a complete guide.

Definitions:

Key definitions are set out in Article 4 for the purposes of this regulation.

  • DATA SUBJECT – An individual who is the subject of personal data.
  • DATA PROCESSOR – Any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
  • DATA CONTROLLER – A person who (either alone or jointly or in common with other persons) determines the purpose for which and the manner in which any personal data are, or are to be, processed.
  • PERSONAL DATA – Any information related to a data subject that can be used directly or indirectly to identify that person*.
  • DATA BREACH – A data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

 

*Under GDPR this now covers information including an IP address.

 

 

10 things every IT service provider should know about providing Azure Kubernetes Services (AKS) backup

Kubernetes data protection represents a massive opportunity. Around 30% of global organizations are currently running containerised applications in production – by 2022, Gartner predicts that figure will be as high as 75%.

Continue reading
Vital new role of AI in keeping backup data safe from malware

Vital new role of AI in keeping backup data safe from malware

Every day more than 350,000 new types of malware are unleashed on the internet. The scale of the problem is so massive, it is no longer enough to have traditional anti-virus software, solely defending against known threats.

Continue reading
Xero Data Backup

Why you should consider Xero Data Backup for your accountancy firm

Ignoring the need for a third-party backup is a major gamble. Xero’s own Services Agreement states: “You must maintain copies of all data inputted into the service. Xero expressly excludes liability for any loss of data no matter how caused.”
Continue reading