The increasing number and magnitude of Data breach recently making headlines in national newspapers. Regardless of whether the breach is malicious or accidental in nature, executed by an insider or an external attacker, it is the loss of data which causes the reputational and often large financial impact to the business.
Organisations have for quite a while been playing hard to get regarding data protection and security. Because of the number of high profile data breaches; industrial regulations are increasing their focus on ensuring organisations have in place appropriate protection for personal data.
Under the EU GDPR (General Data Protection Regulation) adopted on 27th April 2016 ( enforceable 25th May 2018) organisations handling EU citizen data Could be fined up to €20 million or 4% of global annual turnover for the preceding financial year, whichever is the greater. They must also only store data as long as necessary and identify all affected individuals within 48 hours in the event of a breach. The UK ICO is now also seeking to align UK legislation and penalties against the regulation.
This represents a challenge for organisations without visibility and control of the type of data they handle, where the data is located and applicable regulations.
The UK’s decision to leave the UK or ‘Brexit’ has introduced uncertainty about GDPR, however, the ICO has made it certain the UK will enact into UK Law either exactly as the GDPR and may make additional requirements. This is because to trade with Counties of the EU will require compliance with GDPR as the minimum.
Now is the time to implement appropriate data security measures to locate, identify and protect sensitive business and personal data within your organisation, enabling compliance with applicable legislation such as the EU GDPR and UK DPA (Data Protection Act).
Every organisation is different. Our approach is to tailor the solution for you to meet GDPR with comfortable changes to your established processes. We do not shoe-horn you into a proprietary solution that might not fit well with your business or culture.
JP Solutions UK can help organisations to understand what they need to do to get ready to comply with the GDPR, and continue that support when required, into managing the changes to be ready for May 2018 when the GDPR takes effect.