Are you ready for GDPR?
Let's start with a disclaimer - please bear in mind, that we're techies not lawyers so this isn't legal advice.
The General Data Protection Regulation (GDPR) will come into force from May 2018 in place of the current Data Protection Act. The penalties for data breaches will be increased so that non-compliance could be very costly!
Small businesses need to be aware that customers will have more control over their personal data which is great for the consumer but more care will be needed when collecting personal data. Businesses need to ask customers clearly for consent on an opt-in basis (pre-ticked boxes, etc will no longer be an option) and withdrawal of consent must be simple for consumers to do.
Some areas to consider:
Information risk – where is the data, who uses it, how much risk is the data at from a network breach, loss or misuse;
IT risk – how well is the data protected within servers, networks, computers and mobile devices that store and use it;
User risk – how much risk does user behaviour pose to your systems and the data stored on them.
Do you know if your computers are secure? Do you have thorough and reliable backups? Are you protected against viruses and malware? We could help you to keep your systems and data safe.
The Information Commissioner's Office website has lots of helpful information about the regulations: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/
