Designing a security aware culture
Looking to create a more security aware culture within your office?...
Ensuring your data is fully protected, and that you’re following proper regulations to do so is essential for any business. It’s important from a reputation perspective as much as from a compliance one. It’s every company’s duty to make sure they are taking the proper precautions to protect sensitive information, and prevent access by non-authorised parties.
On May 25th 2018, new laws will be brought into effect around data protection, in order to make it uniform across the whole of the European Union. General Data Protection Regulation (GDPR) applies to all businesses – from large companies and public authorities to small and medium-sized businesses.
What is GDPR?
GDPR is the new primary law governing how companies protect the personal data of any EU citizen. Its main purpose is to create a uniform approach to data security across the EU, and it will replace the current Data Protection Directive 95/94/EC.
How will the GDPR affect my business?
Businesses will have to be more stringent about the ways in which personal and sensitive information are stored. Infringements of the new laws will hold greater consequences and potentially large fines.
There’s a need for transparency when it comes to collecting data from individuals, and it’s vital companies make it clear to them how that data will be used. In addition, individuals must be made aware of their rights to withdraw from having their data stored by your company. The newly introduced “Right to be forgotten” directive means that an individual can request that you delete any of their personal data that you have on file. The “Right to object” directive means that an individual can refuse permission to be profiled – this includes for direct marketing purposes.
Companies must take precautions regarding the security of the data they store, both physical and electronic. Breaches of any kind must be dealt with quickly, and it is every company’s responsibility to use the time in the lead-up to GDPR enforcement to reassess their current security processes.
Why GDPR matters
Any company that is already compliant with the Data Protection Directive will now need to ensure that it is in line with GDPR and the changes it imposes. If your company doesn’t adhere to the GDPR requirements and regulations, or is found to have breached them, you could face a fine.
It applies to all members of the EU, and will remove the need for each state to write its own data protection laws. Some companies will even need to employ a data protection officer to oversee the implementation and compliance of GDPR.
Ahead of the regulations coming into effect, it’s time to start looking at where you are now, and what steps you can take to make a move towards compliance.
What should I consider in the run up to the GDPR?
Many data breaches in businesses occur through the neglect of individuals rather than malicious cyber-attacks, which is why it is so important to mitigate the risks in as many ways as possible. Here are a few you should be considering:
It’s important that your business is fully informed about the changes in data protection and the implementation of GDPR. The responsibility lies with each and every employee, so the information and the plans you put in place should be disseminated company-wide. The countdown is on, and reassessing your current data security measures is the first step to GDPR compliance.
You can call a Staples representative at the following number:
+353 (0) 1 553 0078