News

G-day Is Here!

Thu, 24/05/2018 - 16:42
Redstor_GDPR_Arrival_blog
Data Management , Data Protection

The wait is over. The period for becoming compliant has finished and the General Data Protection Regulation (GDPR) is now in full effect.

Organisations across Europe have had 2-years in which to prepare for the updated data protection laws and must now ensure that compliance is on-going. The regulation has updated legislation two decades only, creating data protection laws that are modernised and better suited to how technology is now used daily.

While businesses, schools, charities and all other organisations have had the task of becoming compliant, the regulation affects all European citizens. Data subjects, people whom data is about, have increased rights under the GDPR, meaning that organisations must protect their data better and give more access and more control to data. Find out about key changes under the GDPR here.

 

State law

With just two-days to go the UK Data Protection Act (2018) received royal assent, ensuring that UK law and European law on the GDPR will be in full effect from Friday, May 25th, 2018. Across Europe, member states of the European Union will also have passed the GDPR into state law.

Regulatory Authorities such as the Information Commissioner’s Office (ICO) will now face the task of monitoring and enforcing the regulation. This will likely mean an increased workload in the short-term with organisations having a legal requirement to report all breaches. In the longer-term the number of breaches reported should decrease as the number of breaches falls due to improved data protection processes.

 

Ongoing compliance

In addition to complying on an ongoing basis, organisations face the challenges of being able to demonstrate compliance across different areas of the regulation. As part of the increased subject rights under the GDPR, data subjects can submit access requests, requests for erasure and requests for copies of their data. Organisations will need to ensure processes for dealing with these requests and if requests are rejected for any reason, such as an erasure request, there must be legal grounding in the refusal and a process to prove this process must exist.

The reality of being able to demonstrate compliance can be tricky. Organisations store and process data in many different locations and for many different purposes. This can make it difficult to identify data, take copies of it and share it securely to meet compliance needs. Data protection and compliance tools can assist in this, such as GDPR365. Learn more about demonstrating compliance with GDPR365.

 

With 20-years’ experience in helping organisations protect and manage data in line with data protection laws, Redstor has spent 2-years independently researching the GDPR in order to assist and advise customers and partners on how to comply. Download the ‘Ongoing compliance’ whitepaper now.

Recent Articles

Redstor_Ransomware_Typewriters_blog Ransomware

Latest Ransomware Attacks Leave Organisation Working On Typewriters

Ransomware is a threat to all organisations and has been prevalent for a number of years. Although recent reports suggest that organisations are no... read more

August 09, 2018
Redstor_Reddit_blog Ransomware

Two-factor Becomes Hack-factor In Reddit Attack

The last few years have seen a number of high profile hacks, each growing in complexity and affecting masses of people. Strains of ransomware have... read more

August 07, 2018
Redstor_Dixons_super-breach_blog Disaster Recovery

Dixons Breach Becomes Super-breach Following Review

Earlier this year high street electronics firm Dixons Carphone revealed that a data breach had occurred the previous year, effecting over 1 million... read more

August 02, 2018