23rd January 2018
GDPR: Just good sense
GDPR, have you heard of it? There is so much buzz about the EU’s upcoming General Data Protection Regulation that it has become a din, as well as a bandwagon for shady salesmen to jump upon. If it is not articles advising you on what IT tools you need to keep your business compliant it is assessments to identify your “company’s risk levels”.
But, really, once you can get your noggin around the complexities of UK data law, all it comes down to is arming yourself with the key facts, being ready for enforcement of the regulation on May 25 and using your common sense and business acumen to make sure things continue to run smoothly.
Get it – While WIRED deems GDPR “the biggest overhaul of data protection laws in more than two decades”, the UK's Information Commissioner stresses it is merely "evolution" rather than a full-blown "revolution" with the ICO adding "many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA)". In fact, much will stay the same for businesses already complying with the UK's data protection law (many Switch2IT clients).
Essentially, if you are a controller or processor of personal data – e.g. you collect and manage contact information and banking details etc. – it is your duty to make sure you are aware of any differences GDPR will bring for your organisation and to do all that you can to fulfil your obligations to the law.
Data breach set – GDPR is not some miraculous fix-all when it comes to cyber security and data protection. There are still going to be occasions when your business is vulnerable to data breach threats, especially if you do not have a solid IT security strategy in place. Under the new law, you must report any data breach that endangers personal information to your local data protection regulator and, if individuals are at high-risk, you must inform them also. This is sure to make having access to services such as digital forensics and investigation a god-send.
Privacy first – Although the UK’s data protection law already insists on letting individuals know who is processing their personal information and for what purpose, the GDPR will take this one step further by demanding more transparency and detail with regard to these privacy notices.
Rights ready – GDPR brings with it eight rights, some new and some refocussed, for individuals including: the “right to be provided with fair processing information”, “right to object”, “right to restriction of processing” and the “right to data portability”. In addition, it will be easier and cost-free for individuals to access the information that any given company holds about them and make requests for it to be erased where necessary. This very much evens up the playing field when it comes to privacy and power.
What is “personal” information?
The last leg towards GDPR seems like a good time for the Switch2IT team to bring up a bugbear that has been gnawing at us for quite some time. We are all for data protection and we take great pains to increase cyber security for all our clients, advising a safe and secure data back-up strategy as standard, but how can data protection actually exist in a world where there is not really anything that constitutes private information?
In an age where we post our inner most thoughts and take part in social media games that phish our personal details and potential passwords is anything really sacred? What are you asked as a security question by your bank or mobile phone company – your postcode, date of birth, mother’s maiden name? So much of this information is already in the public domain so how can it possibly be a “security” question? With this in mind, how can our data be protected when it has already been compromised? We have said it before, and we will say it again, why does the government not look at ways to improve identification checks and why do individuals not take more care to keep shtum for their own good?
To find out more about Switch2IT’s dedication to data protection and cyber security, contact us for a consultation today.
23rd January 2018
GDPR: Just good sense
GDPR, have you heard of it? There is so much buzz about the EU’s upcoming General Data Protection Regulation that it has become a din, as well as a bandwagon for shady salesmen to jump upon. If it is not articles advising you on what IT tools you need to keep your business compliant it is assessments to identify your “company’s ri...Read More >
22nd December 2017
Switch2IT looks towards a green future
As we sky-rocket towards 2018, the Switch2IT team is looking to the future of the technology sector and the many UK businesses it impacts. Do you not think it is time that the big tech brands started to think more about the world we live in and its ecological future, not just the now and the money-making opportunities available? Likewise, is it not...Read More >
24th November 2017
Significant technological innovation, from India to Sussex
Are you confident that the UK government is putting enough effort and investment into the security of British business? Do you think other countries are leaps and bounds ahead, moving towards safe and successful futures? Switch2IT explores whether more could be done to strengthen our cyber security and infrastructure in order to make a significant ...Read More >
12th October 2017
Cyber Security: The Good, the Bad and the Ugly
Cyber Security: The Good, the Bad and the Ugly From tides of positive change via the IT networking bods at Netgear to despair in the tiresome encryption debate to undignified squirming from Microsoft about paying their taxes, this month Switch2IT explores the Good the Bad and the Ugly from the IT security and technology industries. Gettin...Read More >