Each EU member state will establish a Supervisory Authority (SA); in the UK this is the Information Commissioner’s Office, or ICO. Each SA will be responsible for its own country but will also work with other SAs.
What is GDPR?
See our handy guide to the 2018 General Data Protection Regulations
A fine system will be put in place for breaches, with the highest category of data breach resulting in fines of up to £15.8 million or four percent of global annual turnover, whichever is greater.
GDPR requires organisations to notify the ICO, or the relevant SA for their jurisdiction, “without undue delay” and within 72 hours of any breach of data security being discovered.
Your organisation must appoint a DPO if you are a public authority, carry out large-scale monitoring of individuals or perform large-scale processing of special categories of data.
A data subject shall be able to transfer their personal data from one electronic processing system to another, without being prevented from doing so by the data controller.
GDPR will apply to all businesses within the EU and also to any organisation outside of the EU that processes the data of EU residents.
Also called the ‘right to be forgotten’, this control gives a data subject the right to require a business to permanently delete all information held about them on any one of a number of grounds.
Valid and explicit consent must be given for all data collected and the purpose for its use must be fully explained in simple language to data subjects. Opt-in options must be present for all data collection and consent must be retractable at any time.
Privacy must be built into all new projects and initiatives, including the requirement for privacy impact assessments, or PIAs, to be conducted to determine the effects of a project on data subjects’ information.
The current data protection notice requirements remain. They now must also include the retention time for personal data and contact information for any data controllers and the organisation’s data protection officer.
How we can help
The UK Government’s Cyber Essentials program is a fantastic way to show you are working to be compliant with GDPR. We can help you get ready to be certified and provide the certification service.
Take steps to prevent a breach. With Paxton access control solutions and a multitude of CCTV solutions, we can help you lock down and monitor access to your buildings and rooms where sensitive data is stored.
With multiple partners in the backup & recovery space, we can ensure you have your business data secure and available to you whatever happens.
Thanks to our partnership with Sophos we can provide you with the latest in device & network edge protection with industry-leading software & hardware data security solutions to stop threats to your organisation at the point of entry to your network.
Test your IT security defences with our penetration testing services. GDPR requires you to proactively test that your systems are secure, and an external test provides strong evidence of this.
Take your processes and documentation to the next level and become ISO certified to improve customer confidence, open new avenues of business & demonstrate a strong culture of compliance.