No doubt you remember this time last year frantically scrambling around to ensure your company was data compliant before the General Data Protection Regulation (GDPR) came into effect.
How time flies! It’s been over a year since GDPR was introduced, in May 2018. What better time to refresh our memory of that blood-pressure-raising regulation and ask: are you still doing all you can to be GDPR compliant?
But in case you need a refresher on GDPR – we don’t blame you! – it can be summarised by seven main principles. These principles are:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality (security)
They form the heart of the data protection regulation, designed to protect data by ensuring a consistent rule of law for personal data throughout the EU. They are enforced with robust financial penalties.
GDPR complaints and breaches coming thick and fast
Figures from GDPR Today show that ten months after the introduction of the legislation, significant numbers of complaints had been filed across the EU. In the UK, we’ve seen a relatively high number of consumer complaints: just over 33,000 or, to put it another way, 51 per 100,000 of our population. By comparison, Germany, with a larger population, only had about 15,000 complaints. It seems that as a nation we are highly diligent at exercising our data protection rights.
And worryingly, we had a high number of data breach notifications, including hacks – 11,600. This equates to 42 every single day!
To keep those complaints away, you and your business must remain diligent. To help you in complying with GDPR, we’ve compiled a few of the basic IT measures you should be on top of.
Which IT measures should you implement?
Your IT infrastructure has an important part to play in GDPR compliance, but of course it is not the whole story. Don’t forget the basics of IT security, such as your firewalls, software patches, anti-virus and password policies. If you permit “Bring your own devices”, these could pose particular risks, as they blur the boundary between professional and home life.
With cyber criminals becoming ever more sophisticated, there is, fortunately, also an increasing range of advanced security solutions. We’d advise being aware of what’s available, so do get in touch to discover more. You’ll also need to look carefully at how you store and manage data.
Don’t become a GDPR statistic
If you are concerned about your GDPR compliance, talk to us. We can provide bespoke consultancy on how you store and manage your data, and the records you need to keep of the IT measures you’ve put in place.
We can also provide a host of security solutions from the best anti-virus software to phishing awareness training and penetration testing. Just give us a call today on 01454 534 009 to find out more about our GDPR compliance and cyber security services.