Key definitions under the general data protection regulation
Security of processing data
Article 32 sets out conditions for the security of processing data under the GDPR and is vital for customer-facing organisations, service providers and suppliers. Controllers and processors must implement ‘technical and organisational measures to ensure a level of security appropriate to risk’. It could be assumed risks like ransomware or a natural disaster must be accounted for.
Find out how Redstor helped Rooks Rider solicitors:
The GDPR will affect all businesses, organisations and individuals within the EU. For organisations that are not compliant there is not only a higher risk of suffering a data breach, but a real risk of damaged reputation and a lack of customer confidence. Being compliant will set you apart, being non-compliant will drag you down.
Supervisory authorities can take action in several ways to reprimand organisations for non-compliance. The fines that can now be given for a major data breach can be up to €20 million or 4% of global turnover, whichever is higher.