The GDPR is the EU Regulation that will replace the Data Protection Act 1998 in the UK and the equivalent legislation across the EU Member States. All UK businesses will be subject to GDPR from 25th May 2018, regardless of Brexit.
Failure to comply could cost you fines of up to 4% of your company’s global annual turnover, not to mention your reputation (source: www.ico.org).
Here’s a snapshot of what GDPR will require you to do:
Keep a record of data operations and activities and consider if you have the required data processing agreements in place.
Carry out privacy impact assessments (PIAs) on products and systems.
If applicable to your organisation, designate a Data Protection Officer (DPO).
Review your personal data collection processes.
Know how and when to notify the relevant supervisory authority of a data breach.
Implement “privacy by design” and “privacy by default” in the design of all new and existing products.
How can we help?
Our professional partner NDC can provide the initial consultancy and training, and our IT specialists and cyber security experts at Soitron UK can then offer you a comprehensive range of information security management services:
CONSULTANCY AND TRAINING
IT SYSTEMS DEVELOPMENT
Soitron UK have the technical expertise to help you develop robust IT systems that comply with GDPR and protect data and customer information.
CYBER SECURITY
Technical experts can help you to test the cyber security levels of your existing IT systems and develop safer systems, networks and users with:
>Penetration Testing:
Ethical hacking to test your system’s security.
>Cyber Essentials and Cyber Essentials Plus:
Government-backed programmes, designed to encourage businesses to achieve a baseline level of security that can be evidenced to stakeholders.
>Vulnerability Scans:
Identify and act on weaknesses within your networks.
Stages to Progress in Compliance
Awareness Training
GAP Analysis – Identify Weaknesses and Areas for Development
Implementation/Internal Auditor