GDPR – EU GENERAL DATA PROTECTION REGULATION
On 25th May 2018 the EU General Data Protection Regulation will come into force. It will have far-reaching consequences for your business and the way you handle your customers’ personal data.
The General Data Protection Regulation (GDPR) updates the current Data Protection Act. It is more extensive in scope and application, creating a single EU regulation that overrides the complicated data protection regulations of various EU countries. Irrespective of Brexit negotiations, the UK will have to abide by the new GDPR regulation and the UK government has confirmed that the regulation will apply.
WHAT IS GDPR?
GDPR applies to all organisations that handle, store and process personal data. There is no limitation on business size or geographical location; even businesses outside of the EEA (European Economic Area) will need to comply if they are processing the personal data of any EU citizen or resident.
GDPR will be enshrined into UK law on the 25th May 2018. All businesses, charities, government and schools have to comply with GDPR regulation: it’s the law!
A data breach can result in a fine from a supervisory authority of up to 4% of your global turnover or €20 million, whichever is greater!
Whether you are a data controller or data processor, this law will apply to you and compliancy must be achieved before May 2018.
Q: Where to begin?
A: The simplest approach is to “do something”. Any proactive planning or action an organisation makes towards achieving compliancy will be viewed favourably by the ICO and usually negate the highest level of fines.
Q: Who can help me?
A: ONS can assist with getting you on the road to compliancy; we can offer awareness training, planning and assistance and specialty services including perimeter security, encryption, DPIA and site surveys.
Attend one of our GDPR Awareness Courses in order to find out where to begin, what to do, and what elements apply to your organisation.
- GDPR – what it is, and how it applies to you.
- Data controllers and processors, the differences and how to define them
- The definition of “personal data”, and the new “special categories of personal data”
- Getting ahead of the curve; Data Protection Impact Assessment (DPIA) “Origin, Nature and Severity”
- What to do next; Formally documenting your road to compliance
- What constitutes a data breach, how to define it and your legal obligations
- How to stay compliant, ensuring continuous data protection and privacy
- Questions and Answers
Bespoke on-site GDPR training, consultancy and readiness testing are also available upon request.