By now you will have heard the buzz around the GDPR (General Data Protection Regulation) regulations coming into effect on 25th May 2018. As we settle into the New Year, this has become a hot topic as companies large and small adjust their processes and policies for the change. If you are feeling daunted by the prospect of reading the small print regarding how to become fully GDPR compliant, then now is the time to act. We are here to help get your business ready.
What do the new GDPR requirements cover?
There are three key areas the new GDPR regulations will cover:
- They provide individuals with more control over their personal data
- They ensure transparency about the use of data
- They use security and controls to protect data with mandatory breach reporting
How does this affect an SME business?
All organisations whether inside or outside the EU, need to comply if they process personal data for EU residents. Failure to comply after the new rules come into effect in May 2018, could result in a fine of up to 20 million euros or 4% of annual company turnover, whichever is greater.
What are the key changes?
The new GDPR regulations require a review of company policies and security practises. It will involve an evaluation of how personal data is controlled, stored, processed and the security measures in place to protect the data. Organisations are also required to become more transparent in the way they use and collect data. It will also be necessary to inform and train staff, so they fully understand the implications of the new regulations, which may also mean employing a Data Protection Officer.
How do I become fully GDPR compliant?
When you first download the GDPR compliance guidelines, it can feel like an overwhelming task. There are four simple steps to follow to take the necessary action and make your journey to compliance easier.
Firstly, identify what personal data you have stored and where it resides. This could be in many different locations. Secondly, review how the personal data is gathered, used and accessed. Thirdly, put security controls in place to reduce the risk of a data breach. Put measures in place to detect and respond to data breaches. Then finally, keep the required documentation to manage data requests and breach notifications.
The GDPR Assessment from M2 Computing
Still feeling daunted? We can assess your security requirements and deploy cost-effective IT security measures to reduce your risk of a data breach from the threat of hackers and malware. If you’d like to discuss how M2 can help you prepare for the GDPR, speak to Paul Kollnig on 01293 871971 or email paul.kollnig@m2computing.co.uk