News

100 Days To Go…

Wed, 14/02/2018 - 17:28
Redstor_100Days_to_GDPR
Data Protection

Wednesday 14th February 2018, valentine’s day, but more significantly it’s 100 days until G-day. May 25th, 2018, the day on which The General Data Protection Regulation will come into full effect across Europe following a 2-year transition period set by the European Council. The regulation will be the largest shake-up of data protection laws across Europe in 20-years.

With just, 100 days to go, organizations across all of Europe should be well versed in the regulation and preparations to ensure compliance should be nearing completion. However, with surveys over the past 18-months telling a different picture, it seems likely the Information Commissioner’s Office will have a busy period after May, dealing with breaches.

 

Almost a quarter of London firms still unaware of the GDPR

A recent survey commissioned by London Chamber of Commerce and Industry (LCCI) has found that a startling number of London businesses are still unaware of the legislation; approximately a quarter of London business.

The London Chamber of Commerce and Industry (LCCI) commissioned and conducted the survey of 500 companies discovering that 24% of the companies surveyed knew nothing about the GDPR and its impending implementation as British law. Furthermore, only 16% of the companies interviewed considered themselves to be prepared for the legislation.

The lack of information seems prevalent throughout businesses, with 21% stating that they would require more information to be able to prepare. However, the most shocking statistic was that 34% felt that GDPR was not relevant to them as an organization.

 

Don’t know what GDPR is yet? Time to be worried.

One aspect of the regulation which has been regularly making headlines is the new penalties that can be enforced. These penalties are much larger than the current £500,000 fine that can be imposed by the ICO, with firms now in danger of receiving penalty fines of up to £17,000,000 for the most serious breaches (or 4% of global turnover, whichever is higher). Other key points of the GDPR include:

  • Updated definitions for personal data and for consent. All definitions can be found in Article 4 of the regulation.
  • Increased responsibilities for data processors to reduce the risks of a data breach.
  • The right for data subjects (individuals) to have all data held on them, deleted.
  • A requirement to be able to demonstrate compliance.

 

How to start preparing your organization for GDPR in 100 days

Businesses of all sizes will need to prepare for GDPR and implement processes to assist with demonstrating compliance. One of the main differences between GDPR and the Data Protection Act (DPA) is the transparency that businesses will need to provide to the Information Commissioner’s Office (ICO). If a breach occurs, under the GDPR, organizations have a responsibility to report it to the ICO within 72-hours, failure to do so is considered a breach of the regulation and can be penalised with a fine.

The ICO has provided a basic guidance for organizations outlining 12 steps that organizations should take now.

Mapping and reviewing data is an important step in compliance, under a regulation that is being put in place to ensure data is being protected securely. By mapping data, and who has access, organizations can begin to mitigate risk and ensure breaches do not occur.

 

Redstor, helping you comply with the GDPR

Redstor have partnered with compliance management experts GDPR365, to help ensure all organizations are prepared for the new Data Protection Bill and the GDPR. GDPR365 gives organizations a platform to review and organize processes to ensure they are GDPR compliant and to provide a framework for new documentation needed under the regulation. To learn more about GDPR, GDPR365 and how Redstor can help, get in touch now.

Recent Articles

Redstor_Loiberty_blog Ransomware

Liberty At Risk After Major Breach

South African Insurance firm Liberty have suffered a major data breach with the potential to put client and customer data at risk. There is little... read more

June 21, 2018
Redstor-DR_or_reduced_downtime_blog Disaster Recovery

Disaster Recovery or Reduced Downtime?

Disaster recovery (DR) has historically been out of reach to some organizations. The need for expensive equipment or services outweighed the... read more

June 19, 2018
Redstor_UK Data Breaches_blog Data Protection

Data Breaches In The Public Sector

Data breaches are an expensive problem and are about to become even more costly. The introduction of the GDPR will make them more expensive,... read more

June 14, 2018