23rd January 2018
GDPR: Just good sense
GDPR, have you heard of it? There is so much buzz about the EU’s upcoming General Data Protection Regulation that it has become a din, as well as a bandwagon for shady salesmen to jump upon. If it is not articles advising you on what IT tools you need to keep your business compliant it is assessments to identify your “company’s risk levels”.
But, really, once you can get your noggin around the complexities of UK data law, all it comes down to is arming yourself with the key facts, being ready for enforcement of the regulation on May 25 and using your common sense and business acumen to make sure things continue to run smoothly.
Get it – While WIRED deems GDPR “the biggest overhaul of data protection laws in more than two decades”, the UK's Information Commissioner stresses it is merely "evolution" rather than a full-blown "revolution" with the ICO adding "many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA)". In fact, much will stay the same for businesses already complying with the UK's data protection law (many Switch2IT clients).
Essentially, if you are a controller or processor of personal data – e.g. you collect and manage contact information and banking details etc. – it is your duty to make sure you are aware of any differences GDPR will bring for your organisation and to do all that you can to fulfil your obligations to the law.
Data breach set – GDPR is not some miraculous fix-all when it comes to cyber security and data protection. There are still going to be occasions when your business is vulnerable to data breach threats, especially if you do not have a solid IT security strategy in place. Under the new law, you must report any data breach that endangers personal information to your local data protection regulator and, if individuals are at high-risk, you must inform them also. This is sure to make having access to services such as digital forensics and investigation a god-send.
Privacy first – Although the UK’s data protection law already insists on letting individuals know who is processing their personal information and for what purpose, the GDPR will take this one step further by demanding more transparency and detail with regard to these privacy notices.
Rights ready – GDPR brings with it eight rights, some new and some refocussed, for individuals including: the “right to be provided with fair processing information”, “right to object”, “right to restriction of processing” and the “right to data portability”. In addition, it will be easier and cost-free for individuals to access the information that any given company holds about them and make requests for it to be erased where necessary. This very much evens up the playing field when it comes to privacy and power.
What is “personal” information?
The last leg towards GDPR seems like a good time for the Switch2IT team to bring up a bugbear that has been gnawing at us for quite some time. We are all for data protection and we take great pains to increase cyber security for all our clients, advising a safe and secure data back-up strategy as standard, but how can data protection actually exist in a world where there is not really anything that constitutes private information?
In an age where we post our inner most thoughts and take part in social media games that phish our personal details and potential passwords is anything really sacred? What are you asked as a security question by your bank or mobile phone company – your postcode, date of birth, mother’s maiden name? So much of this information is already in the public domain so how can it possibly be a “security” question? With this in mind, how can our data be protected when it has already been compromised? We have said it before, and we will say it again, why does the government not look at ways to improve identification checks and why do individuals not take more care to keep shtum for their own good?
To find out more about Switch2IT’s dedication to data protection and cyber security, contact us for a consultation today.
14th May 2018
How ready is your school's IT department for the GDPR?
Is Your School GDPR Ready? The Switch2IT team is as passionate about data privacy as it is about supporting young people and the local Sussex, Hampshire, Surrey and Kent communities. Last month we contributed £1000 to the Worthing ITU trust fund and £250 to Place2Be, the leading national children's mental health charity which aim...Read More >
25th April 2018
Why clients select Switch2IT managed service contracts
Why do Clients Choose our IT Managed Service Contracts? Switch2IT is proud to have clients who have retained contracts with us for a number of years and others who come back to us time and again as IT projects occur. What makes our clients inclined to choose us as their technical support go-to? We thought we would ask one of our long-term clients,...Read More >
20th March 2018
Grab a free iPad with three years' IT support
An Eggstravangant Easter Offer From Switch2IT 2018 is turning out to be a brilliant year for Switch2IT, not only are we finding that local businesses are signing up to use our managed IT support service for the first time but that many of our clients are signing up to extend their contracts because they are so pleased with our dedication to custom...Read More >
21st February 2018
Is Big Brother defender or oppressor with regard to data protection?
Big Brother: Protector or Persecutor? This March, the Switch2IT team has been closely monitoring the progress of Big Brother Watch who have been “pushing for amendments to key areas of concern in the Data Protection Bill, including: - safeguards to protect people against automated decisions - removing wide Gov exemptions from key data prote...Read More >