09 Jan General Data Protection Regulation Lowdown
The GDPR or General Data Protection Regulation comes into effect in May 2018, and as the UK will still be a part of the EU, it is something that you need to be aware of to ensure best practice is used where necessary.
Most people are aware of the Data Protection act but this new legislation is beefing it up to give the public even more control and protection of the data they share with organisations within and engaging with EU citizens.
As there has been a digital explosion in recent years, the Information Commissioner within the EU Parliament has suggested that the systems in place need to be made more robust to protect the people of the EU which is why they are bringing in the General Data Protection Regulation.
If you do business and collect data from any EU citizens and don’t act in accordance with these changes in legislation or you breach them, you will find yourself with an almighty fine of up to 9 million pounds or 2% of your turnover!
In order to obtain someone’s personal data, you must gain consent which is freely given, specific, informed and an unambiguous indication of the individual’s wishes. The consent must be able to be verified as given, so there needs to be proof and some sort of paper or digital trace-ability of how and when the consent was given.
The consent can be withdrawn at any time!
Creating a data protection strategy and working with a company that can provide an encryption service is the best way in which to protect yourself and your customers.
If and when the UK does withdraw from the EU, this is another one of those things that will be affected, so stay tuned over the coming months for an update from us here at SurCo headquarters.
Secure data storage is one of one of our specialities so please get in touch if you have any further questions regarding yours.