News

G-day Is Here!

Thu, 24/05/2018 - 16:47
Redstor_GDPR_Arrival_blog
Data Management , Data Protection

The wait is over. The period for becoming compliant has finished and the General Data Protection Regulation (GDPR) is now in full effect.

Organisations across Europe have had 2-years in which to prepare for the updated data protection laws and must now ensure that compliance is on-going. The regulation has updated legislation two decades only, creating data protection laws that are modernised and better suited to how technology is now used daily.

While businesses, schools, charities and all other organisations have had the task of becoming compliant, the regulation affects all European citizens. Data subjects, people whom data is about, have increased rights under the GDPR, meaning that organisations must protect their data better and give more access and more control to data. Find out about key changes under the GDPR here.

 

State law

With just two-days to go the UK Data Protection Act (2018) received royal assent, ensuring that UK law and European law on the GDPR will be in full effect from Friday, May 25th, 2018. Across Europe, member states of the European Union will also have passed the GDPR into state law.

Regulatory Authorities such as the Information Commissioner’s Office (ICO) will now face the task of monitoring and enforcing the regulation. This will likely mean an increased workload in the short-term with organisations having a legal requirement to report all breaches. In the longer-term the number of breaches reported should decrease as the number of breaches falls due to improved data protection processes.

 

Ongoing compliance

In addition to complying on an ongoing basis, organisations face the challenges of being able to demonstrate compliance across different areas of the regulation. As part of the increased subject rights under the GDPR, data subjects can submit access requests, requests for erasure and requests for copies of their data. Organisations will need to ensure processes for dealing with these requests and if requests are rejected for any reason, such as an erasure request, there must be legal grounding in the refusal and a process to prove this process must exist.

The reality of being able to demonstrate compliance can be tricky. Organisations store and process data in many different locations and for many different purposes. This can make it difficult to identify data, take copies of it and share it securely to meet compliance needs. Data protection and compliance tools can assist in this, such as GDPR365. Learn more about demonstrating compliance with GDPR365.

 

With 20-years’ experience in helping organisations protect and manage data in line with data protection laws, Redstor has spent 2-years independently researching the GDPR in order to assist and advise customers and partners on how to comply. Download the ‘Ongoing compliance’ whitepaper now.

Recent Articles

Redstor-DR_or_reduced_downtime_blog Disaster Recovery

Disaster Recovery or Reduced Downtime?

Disaster recovery (DR) has historically been out of reach to some organisations. The need for expensive equipment or services outweighed the... read more

June 19, 2018
Redstor_UK Data Breaches_blog Data Protection

Data Breaches In The Public Sector

Data breaches are an expensive problem and are about to become even more costly. The introduction of the GDPR will make them more expensive,... read more

June 14, 2018
Redstor-_Why_great_support_is_vital_blog Disaster Recovery

Why Great Support Is Vital To IT Strategy

An organisation’s IT strategy must deal with many aspects, from ensuring users have a seamless experience to protecting against the threats of... read more

June 12, 2018