In May 2018 GDPR is set to take the UK by storm.
GDPR is the new set of data protection regulations being put into force in May 2018. Their aim is to change the way businesses handle their personal data to accommodate the risks of the digital age. GDPR will mean that you must know how to obtain, store and protect your data from cyber breaches. GDPR data protection regulations will apply to all businesses that handle EU personal data.
GDPR, or to give it its full title, the General Data Protection Regulation, has become far more than just ‘data protection’. With the evolution of technology and the move to online, our sensitive data has become more readily accessible to hackers.
With high-profile breaches like ‘WannaCry’ hitting the headlines on a regular basis, more stringent regulations have had to be put in place to ensure businesses are handling their data securely.
GDPR UK is set to launch in May 2018, but how far along are you in your journey to readiness? A recent survey revealed that while over 90% of businesses had some familiarity with GDPR, fewer than a third believe they are well on their way to compliance.
If you are not prepared for GDPR, not only could you be fined heavily, but your reputation could also be damaged, resulting in the loss of customer trust.
GDPR 2018 will mean that businesses will have to be far more cautious about safeguarding their data. According to the new legislation, any data that can be used to identify an individual is classed as ‘confidential’. This will include genetic, economic, mental, cultural or social information. It will also be essential that businesses are able to show they have full consent to use this personal data.
How does my business need to prepare for the GDPR data protection regulations?
Moving forward, it will be vital that organisations have a Cyber Security plan in place to protect them against theft, breaches and loss. This will involve Cyber Security awareness for staff, security of data and having full awareness of what steps you need to take if you experience a data breach. When GDPR regulations are in place, you are also obliged to notify the authorities within 72 hours of an attack. If this intrusion includes the theft of private information then the individuals also need to be informed without delay.
How can Equilibrium help you prepare for GDPR?
We understand that there is a lot of confusion surrounding GDPR and how you should start your preparations.
However, with simplicity in mind, we offer a hassle-free and easy-to-follow GDPR Readiness Assessment to ensure that you are prepared for GDPR. It is by no means a ‘one size fits all’ approach, as we know that each business is unique and at a different point in its journey to GDPR readiness.
What does our GDPR Readiness Assessment entail?
Using the IASME GDPR framework, we will conduct a gap analysis to review how you obtain, store and protect your data from potential breaches against five components:
- Security Policy
- Technical Controls
- Cyber Insurance
- Security Training
- Risk Assessment
Once completed, a Security Consultant will work collaboratively with you to ensure you achieve your IASME GDPR Readiness Certification.