Cloud Backup

We`re just sending through your details

Please give us a few moments whilst we get your account ready.


UK Government Announces New Data Bill

UK Government Announces New Data Bill

posted in Cyber-Security ● 17 Aug 2017

In line with the upcoming General Data Protection Regulation (GDPR), Matt Hancock, Digital Minister, has announced plans for a new Data Bill set to strengthen current data protection laws in the UK. The GDPR has been making headlines across the globe in the last 18 months, but with less than 8 months until the deadline for compliance the UK government has begun the process of making the regulation UK law.

Among the noise of Brexit negotiations, some chose to believe that the GDPR may not take such an effect on UK based organisations; several months ago, it was reported that more than 40% of companies were not aware of or prepared for the GDPR coming into place. However, with the regulation set to affect all organisations that trade with or hold data regarding European Citizens, Brexit or not non-compliance is not an option.

Who, what and where?

The statement of intent published by the Department for Digital, Culture, Media & Sport on August 7th lays out an overview of the planned reforms to data protection in the new Data Protection Bill. Among many changes, one which has been heavily publicised is the increase in the fine that can be given as punishment for not complying with data laws. Previously, in the Data Protection Act (DPA), an organisation could be given a fine of up to £500,000 for a serious breach, this figure is now £17m or 4% of global revenue.

With the regulation set to come into place early next year, across Europe, each state will be charged with enforcing the new laws; The Information Commissioners Office will be responsible for this in the UK. Key changes under the new data protection bill include:

  • A renewed focus on protecting personal data and the rights an individual has with regards to their personal data.
  • Making it simpler to withdraw consent to the use of personal data.
  • Updated definitions of key terms as previously defined in the Data Protection Act 1998, including what classifies as personal data.
  • Further onus on data processors to protect individual’s rights.
  • New guidelines on reporting a data breach and the timeframe to do so without incurring a monetary penalty.

While some of the changes may seem drastic, it is important to realise that the DPA is almost 20-years old and the technological advancements that have come within that time.

“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world.” – Matt Hancock

What do you need to do?

To comply with GDPR it is important to understand which parts are likely to affect you or your organisation, for example some but not all organisations will have to consider employing a person in the position of Data Protection Officer to help with compliance.

An area that all organisations will have to comply with is updating processes around consent to the use of personal data. Organisations must be given clear and ‘unambiguous’ consent and must ensure that the purpose of data collection is clear and available, processes must also be put in place to be able to track consent and for consent to be easily withdrawn by the data subject.

Due diligence must also be taken by organisations to ensure that the managed service providers and contractors they work with are not putting the organisation at risk of data breach. It is stated in the regulation that ‘technical and organisation measures’ must have been taken.

Do I need to hire a DPO?

A DPO’s primary focus will be to inform and advise an organisation and its employees about their obligation to comply with the GDPR and other data protection laws. Including monitoring compliance with GDPR, and other data protection laws, train staff and conduct internal audits. They must report into the highest level of management and cannot perform the role if they are in an alternate role that could create a conflict of interest.

Under the regulation, organisations must appoint a DPO if they are a public authority, carry out monitoring of individuals on a large scale or process special categories of data on a large scale.


Redstor will be partnering with GDPR365, to ensure all organisations are prepared for the new Data Protection Bill and the GDPR. GDPR365 gives organisations a platform to review and organise their processes to ensure they are GDPR compliant and to provide a framework for new documentation needed under the regulation.

Alternatively, download the GDPR White paper.

What is data immutability and can it be achieved for backups?

Something that is ‘immutable’ will by definition never change or cannot be changed.


Continue reading

Redstor named Hosted Cloud Vendor of the Year

Redstor was named Hosted Cloud Vendor of the Year at the 2022 Technology Reseller Awards. Andy Kerr, Redstor’s head of marketing in Europe, is pictured receiving the award with colleagues Harpal Chima, Tom Walker, Kim Reddy and Alan Manicom at the London Hilton Bankside Hotel.

Continue reading

Redstor wins IT Europa Channel Award

Redstor was named Connected Technologies Vendor of the Year at the IT Europa Channel Awards. Gareth Case, Redstor’s Chief Marketing Officer, is pictured receiving the award with Brian Evans, Adele Quinn and Lara Sibley at the Royal Lancaster Hotel, London.

Continue reading

Download The Ultimate MSP Growth Guide

  • This field is for validation purposes and should be left unchanged.