GDPR – Are you compliant yet?

The deadline has long passed for you to be GDPR compliant. Still unsure? Let us help.

A UK study has found that organisations of all sizes are still not compliant with the regulation.

Back in 2018 a new directive for data privacy was launched – GDPR – General Data Protection Regulation. At the heart of this directive are the improved regulations surrounding keeping personal data safe and, of course, increased fines for non-compliance.

The maximum fine for serious infringements is 20 million euros or 4% of global turnover (whichever is greater). Less serious issues, such as failure to notify about a breach of data, carry a fine of 2% of turnover.

GDPR now also enforces the requirement to inform the ICO (Information Commissioner's Office) of a data breach within 72 hours of becoming aware of it.

GDPR is a requirement for all EU Businesses – Our 7 Day GDPR Tips & Compliance Email Series explains all that you need to know

Discover: Identify what personal data you have and where it resides

The first step towards GDPR compliance is to assess whether the GDPR applies to your organisation, and, if so, to what extent. This analysis starts with understanding what data you have and where it resides.

Does the GDPR apply to my data?

The GDPR regulates the collection, storage, use, and sharing of “personal data.” Personal data is defined very broadly under the GDPR as any data that relates to an identified or identifiable natural person.

If your organisation has such data—in customer databases, in feedback forms filled out by your customers, in email content, in photos, in CCTV footage, in loyalty program records, in HR databases, or anywhere else—or wishes to collect it, and if the data belongs or relates to EU residents, then you need to comply with the GDPR. Note that personal data doesn’t need to be stored in the EU to be subject to the GDPR—the GDPR applies to data collected, processed, or stored outside the EU if the data is tied to EU residents.

Building your inventory

To understand whether the GDPR does apply to your organisation and, if it does, what obligations it imposes, it is important to inventory your organisation’s data. This will help you to understand what data is personal data, and to identify the systems where that data is collected and stored, understand why it was collected, how it is processed and shared, and how long it is retained.

Manage: Govern how personal data is used and accessed

The GDPR provides data subjects—individuals to whom data relates—with more control of how their personal data is captured and used. Data subjects can, for example, request that your organisation provides information on the processing of data that relates to them, transfer their data to other services, correct mistakes in their data, or restrict certain data from further processing in certain cases. In some cases, these requests must be addressed within fixed time periods.

  • Consumers have a legal right to access the data that has been collected about them.
  • Consumers have the right to ask to be removed from data lists.
  • Organisations need to provide details of how they are using and where they are storing consumer data.
  • Organisations need to notify both the individual and the Supervisory Authority of any data breaches. Notification must be sent within 72 hours.
  • Consumers have the right to ask the company to transfer their data to another party.
  • Companies must have a Disaster Recovery plan in place, and it must be tested regularly.
  • Consumers have the right to ask for their data to be deleted.
  • Data must be encrypted, and its confidentiality, integrity and availability ensured.
  • Companies must safeguard their data.
  • Access controls must be in place. Staff and Vendors should only have access to data that is required for their job.

“I have always found the engineers at Computer Rescue to be friendly and knowledgeable. We have had a very positive experience with Computer Rescue; you have understood our problems and requirements and have met those with an efficient professionalism. We especially like the responsiveness in dealing with our problems, and, compared to our previous provider, they are a world apart.”

– Owner, Accountants Practice

Get your FREE GDPR Series Guides

Covering Kent and South East England. Computer Rescue is much more than simply a computer support company. We are a trusted partner and adviser helping you with the very best IT solutions.

Computer Rescue staff are very helpful and cheerful at all times. I have never had any problems and I feel I am in very safe hands. Computer Rescue is very approachable, professional, courteous and a pleasure to do business with, and very quick to respond to calls for help.

Office Manager
Solicitors

Computer Rescue are friendly and efficient and happy to try and resolve a problem out of hours if that is required. We enjoy our monthly visits and Computer Rescue are much better thankfully, compared to our previous provider.

Managing Partner
Recruitment Consultancy

Claim your Free IT Network and Cyber Security Assessment

Please contact our team or complete the form below. A representative will contact you shortly.

  • Let’s Talk

    We’ll chat about your business, how you use technology, and what you want to get out of IT.

  • Free IT Network and Cyber Security Assessment

    If we’re the right fit, you’ll choose the IT service agreement that works best for your organisation.

  • Start Your IT Experience

    Within days, you’ll be experiencing IT like never before.