20/06/19

GDPR – One year on….

It’s now been a little over a year since the new General Data Protection Regulation came into force amid warnings of how being non-compliant could have devastating consequences on businesses.

So how has your firm fared?

Here at PC Net we received many enquiries and calls for assistance about the new law – which we were only too happy to help out with, but we know only too well that many others failed to plan and implement the changes.

It’s important to understand the requirements of GDPR, how the changes affect your business and whether you currently comply, because if you don’t you are heading for a fine. And don’t imagine for a moment that it is only the big companies that will be caught out!

Cash penalties so far total £4m

You may be interested to learn that the first fines, ranging from £400-£4,000, were issued in November to data controllers of all sizes for failing to register and pay the Data Protection fee. And since last June, there have been 27 cash penalties totalling almost £4m.

The new legislation now allows for fines of millions of pounds and those already falling foul of the law and hit by financial penalties include Heathrow Airport, Uber, BUPA, Facebook Ireland, Cambridge Analytica and BT. Some pretty big hitters, so if it can happen to them . . .

Legal requirements

There is now a legal requirement for technical and organisational controls to be put in place by anyone processing personal data.

Data protection is key and with 675 cyber attacks reported in the latest quarterly statistics, covering a three-month period, it is easy to see why so much importance is placed on it. Almost 50% of these attacks were PHISHING, 20% hacking and 6% Ransomware.

What steps should I take?

I hope we have given you something to think about and spurred you into a course of action which will ensure you are fully compliant with the current laws.

The basic steps to take are:

  • Identify the personal data you process
  • Review the risks associated with your processing activities
  • Make sure you have proper controls in place to keep this data secure
  • Seek professional advice.

Our team at PC Net are fully conversant with GDPR, what the laws are and how they affect businesses. We can carry out a high-level GDPR health check for you, or give general advice on what you need to do.

We can also provide a technical review of your cyber security and invite you along to one of our GDPR/cyber security events which have already proved to be invaluable to a number of people and businesses on the lead up to the introduction of GDPR and in the months since.

For more information about how we can help you, contact us on 01743 290588 or email katy@pcnetsolutions.co.uk