GDPR
DATA PROTECTION

0330 332 6262  |  solutions@itoutcomes.com

Government Regulations

General Data Protection Regulation will apply from May 2018 – discover the legal implications for your business.

Securing Systems

Giving users and individuals the protection and security needed in the modern age.

Customer Protection

Rights and regulations to protect the individual and their data.

Who Needs Data Protection?

We have had data protection regulations in the UK for many years, offering individuals the protection they need over their personal data. Personal data is any information about a person which could lead to them being identified from it, such as their name, address, date of birth, political or religious opinion, or even more sensitive information such as medical records or criminal records. The current data protection laws lay down rules about how data about people can be used. This includes information about living people stored on computers or in paper filing systems. These laws are soon to be upgraded to the new General Data Protection Regulations, a set of regulations laid down by the EU. It is essential that businesses understand these new regulations, as they will affect almost every business within the UK.

  • Personal Data

  • Financial Information

  • Personal Beliefs

  • Medical Records

  • Criminal Record

  • Gender / Sexual Orientation Data

Data Security Breaches

As part of the new GDPR rules, it is the responsibility of the business or their data protection officer to report any data breaches to the relevant authority.  A data breach is the deliberate or accidental release of secure (private or confidential) information to an untrusted source.  These can include data leaks and spills as well as accidental release of data.

A data breach can be highly serious, depending on the nature of the breach, as well as the nature of the information released. Data breaches may involve financial information such as credit card or bank details, which can be incredibly stressful and potentially dangerous for those involved.

The difference between the GDPR data breach rules and the current regulations is that currently, there are no obligations on businesses to give notification about personal data breaches to the Information Commissioner’s Office (ICO), whereas under the new rules, it will be essential to notify the ICO of any data breach within a 72-hour period. This will put a great strain on data protection officers, unless they have had full training in the new regulations and their changing roles.

Failure to notify about a data breach could land you with a hefty fine: up to 20 million euros, or 4% of annual global turnover, whichever is larger.

Data breaches should be reported to the supervisory authority when they are likely to pose a risk to the rights and freedoms of individuals.

It is still considered a data breach even if no data is actually taken (such as with ransomware).

There is a 72-hour window in which breaches must be reported.

Get in touch

Find out more about our GDPR consultancy services which we have designed specifically to support businesses with their obligations under the new rules.  Contact us today to book a consultation or to discuss your business requirements.
