Preston business owner warns companies in light of new privacy law.
A local company have issued an urgent warning to fellow business owners ahead of a new EU privacy regulation (GDPR) set to become effective from 25th May 2018.
The EU Parliament has seen a lot of to-ing and fro-ing of the issue over the years, but they’ve finally set a date for implementing a strict zero-tolerance policy towards data protection. Any organisations that fail to comply with the GDPR will be charged with a fine of £17.2m (€20m) or 4% of their annual turnover – whichever is higher.
Leigh Cowell of Kingston Memory Shop, Preston-based encryption experts, warned:
“If you’re in Preston and you work in healthcare, IT, public services, finance, education or sales, you need to take action right now.
"This applies to all of us and we can’t afford to simply ignore it. The message from the GDPR is clear - reconsider how you collect and store personal data or take a hit."
"It’d be such a huge shame to see thriving local businesses in Preston suffer over something so easily avoidable.”
Whilst 69% of businesses say their senior management consider cyber security is a very or fairly high priority for their organisation only half of businesses have actually taken recommended actions to identify cyber risks.
The Information Commissioner’s Office (ICO) have warned that:
“We’re all going to have to change how we think about data protection.”
The new legislation has laid out new requirements for businesses, including:
● Organisations over a certain size, must employ a Data Protection Officer to ensure data is responsibly collected and appropriately secured.
● Data security breaches must be immediately reported to the IICO no longer than 72 hours after the breach occurred.
● Individuals are entitled to ‘the right to be forgotten’ which would withdraw consent of use of their personal data.
What is classed as ‘sensitive’ data?
In the digital era, defining ‘sensitive’ data can be complex. It is no longer just names, addresses and credit card details but also the likes of cookies and IP addresses. For organisations that don’t collect personal online data, the collection of such information in the form of HR records and customer lists may already be compliant with Data Protection regulations – but appropriate security and encryption of this data is now mandatory rather than recommended.
How can businesses make sure that they are protected?
Data transportation by employees can leave businesses susceptible to data breaches and thousands of companies have already reconsidered their approach to personal data in order to avoid the tough penalties enforced by the GDPR. Data encryption ensures that, should the data fall into the wrong hands, it is
incomprehensible and meaningless.
If you think your company might be affected by the new GDPR and would like more
information, speak to Kingston Memory Shop’s online chat team or call them on 01772 316708.