GDPR

The General Data Protection Regulations, set in 2018, require you by law to meet certain standards of privacy and record keeping.

What Is GDPR And Do We Need It?

The General Data Protection Regulations (GDPR) were introduced in May 2016 and will be enforced from May 25th 2018.

This replaces the existing Data Protection Act 1998.

Any company that systematically processes personal data will have to comply with the new regulations (this includes CCTV, employee data, customer lists, prospects, transactions and website cookies).

You must be compliant by May 25th 2018. This means that data captured now must be compliant with the new regulations or you may be in breach when it is enforced.

Many updates in requirements mean that changes must be made now.

The ICO (Information Commissioner's Office) will govern the regulations.

The ICO has set up enforcement teams on a larger scale.

Fines of up to 4% of global turnover or £20m.

Many companies will be required to have a Data Protection Officer (these must be suitably qualified and independent).

Many will be required to make significant changes, adopt new processes and maintain them.

Data Armour can help guide you so that you are compliant with the regulations and have all the necessary processes and systems in place.

We are able to provide services to individual companies or to whole associations and groups.

Many smaller companies are not able to afford the expertise required.

Data Armour are also able to help with related products and services such as:

Cyber Security Insurance

ISO27001 accreditation

Cyber Security Consultancy

Core services include:

Privacy Impact Assessments (PIA) – audits of current data flow, processes and systems to identify areas of risk.

Privacy Policies – ensuring privacy policies adhere to new guidelines and are suitable for all intended purposes.

Data Protection Officer (DPO) – outsourced, consultancy or in-house placement.

Privacy by Design (PbD) – implementing data privacy into all new projects to ensure compliance and reduce risk.

Data Privacy Training – training, workshops and bespoke training manuals for staff.

Data Breach Notification – identification, process, implementation and management.

Subject Access Request (SAR) – process development and management.

Consent – ensuring that customer and prospect data has the appropriate consent or legal basis for each purpose.

Join now and get GDPR Ready

Open for Prompt Payer members only. Join us now to get GDPR ready!