General Data Protection Regulation: The new laws that every EU business must obey (this includes the UK even after Brexit)
With only a few months to go until the GDPR becomes law, businesses should now be carrying out an internal gap analysis of current cyber security practices as compared to GDPR requirements.
What is it?
The EU’s General Data Protection Regulation (GDPR) is a set of laws intended to ensure that companies are securing the data on their IT Networks.
It will enter into force on the 25th of May 2018.
GDPR will be a game changer in how businesses collect, store and protect data given the significant fines being introduced for non-compliance. It is stated that fines will be up to 20 million Euros or 4% of annual worldwide turnover – whichever is higher.
These huge fines are most relevant to large multi-nationals however GDPR does apply to even the smallest of EU businesses.
What does my business need to do?
1. From a technical perspective, every business will need to install a satisfactory level of IT Security infrastructure into their network to be complaint with GDPR laws.
Some technology which may be used to strengthen your network:
2. From a staffing perspective, companies are required to implement data protection procedures internally.
When do I need to be complaint by?
May 25th 2018.
This is when the rules can officially be enforced and when the fines can be handed out.
Contact Pinnacle’s IT Services team to discuss GDPR!