GDPR

In the spring of 2018, the EU General Data Protection Regulation (GDPR) will replace all other data protection regulations within Europe. This is important to know and understand, as there is the potential for huge fines: up to €20 million, or 4% of the company’s global turnover (whichever is higher). The main purpose of GDPR is to protect the data rights of EU citizens, along with their privacy (i.e. their personal data). Anyone who does business within the European single market will need to comply with the new laws. This includes non-EU businesses who have dealings with EU customers.

Helping Keep Systems Updated

Helping Companies Keep Compliant With Laws

Keeping Customers Safe

GDPR Compliance Checklist

There are several key actions which need to be taken by businesses affected before the May 2018 deadline:

Firstly, you will need to audit your current situation. Getting a realistic view of your current status is important so you understand how much needs changing in order to be compliant with the regulations.

  • Data audit
    1. Data Audit: Make sure you know where all your data is stored, who has access to it, and on what devices it is stored.
    2. Service partners: Ensure every service partner (such as cloud-based storage, SaaS, etc.) who has access to your data is also compliant with GDPR.
    3. Devices: Make sure you know each and every device which has access to personal data – whether this is officially sanctioned or not.
  • Access Control
    1. Admin Control: Check that only a select few have access to admin areas and controls, to minimise the risk of others gaining control of the network.
    2. Access to personal data: Data should be accessed on a need-to-know basis. This should be based on the user, the device and the network the request comes from.
    3. Remote access and erasure rights: Check you can retrieve and erase data from all devices with access to personal data, especially in the cases of loss or theft.
  • Upgrade Devices
    1. Regular Security and Scanning: Traditional antivirus/anti-malware and firewalls might not be completely foolproof, but they are important! Make sure they are updated regularly.
    2. Real-time Detection: Install real-time breach response software to secure your endpoints. Include a Security Information and Event Management (SIEM) tool.
    3. Train Employees: Ensure employees are trained to avoid simple mistakes which can be harmful to your data – some 58% of cyber threats are caused by insider negligence or intent, such as opening unknown attachments.

GDPR Overview

Alongside increasing security, the following actions will help you to comply with the provisions of the GDPR:

  • Data breaches should be reported within 72 hours (and you should be able to prove due diligence in preventing them).
  • The right to be forgotten – all personal data of an EU citizen should be erased upon their request.
  • Data portability: all personal data held about an EU citizen should be presented in an accessible format when requested.
  • International Transfers: all data should only be transferred to other GDPR compliant organisations or companies, or those which are deemed “adequate”.

Expert GDPR Services

Here at IT Outcomes, we are aware that changes to data protection laws and regulations can put a huge strain on businesses, especially when there are lots of checks and analysis to be done prior to making adaptations to comply with the new regulations. This is why we recommend our GDPR consultancy services.

GDPR consultancy is a great way for you to understand the complexities of the new GDPR regulations, as well as getting your business set up to be fully compliant with the new laws. From assessing the current situation with data protection in your business, to organising a plan of action to make the necessary changes, we can help you to work to an effective timescale in order to meet the demands of the GDPR laws before the May 2018 deadline.

Why Are Support Packages So Beneficial?…

Our IT Support Packages can be tailored to fit your exact requirements. We offer a broad range of comprehensive IT support packages, from fully managed to proactive, for all sizes of businesses throughout the UK. Whether you need full support at all levels of technical expertise, or a helping hand with an in-house IT team, take advantage of our highly efficient service desk and 24/7 monitoring software to ensure that, each day, your IT network remains on point. Our range of monthly IT Support Packages is designed to make it easier for you to identify the requirements needed based on your budget.

We are flexible in our approach, so if there isn’t a perfect fit for you, then do get in touch, as our packages can be tailored. Contact a member of the team today, who’ll be able to build or tailor a package suited to your business and requirements. We aim to deal with all enquiries on the same day that they are received.

Why UK Businesses Need GDPR Services

Having read through all the information about GDPR, you will appreciate that it is an important undertaking for all UK businesses to be informed, clear and compliant in the new regulations. Just in case you are not yet convinced, here are our top reasons why GDPR is crucial to your business.

  1. Personal Data is a Risk. Holding a large database of personal information is now a cost and a risk for businesses.
  2. Global Privacy is changing. The GDPR is not limited to EU businesses – even non-EU companies must comply with it if their customers are EU based. As the toughest data protection legislation in the world, it is highly likely GDPR will become standard throughout the world.
  3. All businesses are affected. Although initially aimed at larger businesses, defined as those with at least 250 employees or processing more than 5,000 personal data records per year, in time it is likely that all businesses which hold personal data will need to comply.
  4. The right to be forgotten – anyone has the right to ask for their data to be removed from a database as long as organisations are not required to keep it for legal reasons.
  5. Security breaches must be reported within a maximum time limit of 72 hours, but could be as little as 24 hours in the most serious circumstances.

Talk to IT Outcomes

Want to speak to someone straight away? Talk to one of our senior consultants – we are always ready to take your call!

Call 0330 332 62 62

Get in touch

At IT Outcomes we love to hear from our customers, whether you are new to Managed IT Services, are looking to change your existing supplier or need advice just call or email and our approachable team.
