GDPR is coming, and there is no time to lose in understanding the change to data privacy laws and its impact on cyber security.
On May 25th 2018, something called the General Data Protection Regulation (GDPR) will go into effect. That means your company, and every other company in the world, should already have a good answer to this question: “How will GDPR affect us?” Octavian IT Managing Director Ben Solomon was involved in a fantastic seminar today hosted by Cherry Professional at the University of Derby, helping to answer questions from local businesses on GDPR and cyber security.
The main danger that you are courting is a big fine for non-compliance with GDPR, a set of rules governing the privacy and security of personal data that is being implemented by the European Commission.
Key points about GDPR
- Individuals will have the right to request that businesses delete their personal data in certain circumstances, for example, if they withdraw their consent for processing – also known as the right to be forgotten.
- There are stricter rules surrounding consent – it must be verifiable, and silence or the use of pre-ticked boxes does not constitute consent.
- Consent means a clear statement or affirmative action which is freely given, specific, informed and unambiguous.
- Increases the individual’s expectation of data privacy and the organisation’s obligation to follow established cyber security practices.
- Establishes hefty fines for non-compliance.
- Requires many organisations to appoint a data protection officer (DPO) and makes it clear that data controllers are liable for the actions of the data processors they choose.
- Increases parental consent requirements for children under 16.
Security risks under GDPR
While GDPR dictates that organisations must implement appropriate governance and accountability in their processing and protecting of data, it is just as important that we adopt a “neighbourhood cyber-watch” approach and make threats and data security everyone’s concern, not just those with a governance or security role.
According to Cisco’s annual cyber security report, today’s average large enterprise can face as many as 70,000 security events per week as a result of devastating malware.
For further information on how we can help you to achieve GDPR compliance and cyber security, contact us or call us on +44 (0)115 778 8409.