Silkweb Group
Trim, Co. Meath
+353 1 685 3111
+44 203 3933320
info@silkwebgroup.ie
support@silkwebgroup.ie

What is (GDPR) General Data Protection Regulation?

by

What is (GDPR) General Data Protection Regulation?

GDPR is the new regulation which binds businesses into protecting the personal data and privacy of EU residents when communicating or completing transactions that occur within EU member states.
Non-compliance will cost companies life-threatening amounts of money.  time to sit-up and take note any company or business which transacts in Europe needs to know and understand about GDPR.
If you collect data on inhabitants of the European Union you need to comply with stringent new rules with regard to protecting customer data.
All businesses will be challenged as they are forced to put systems and processes in place to comply.

Firstly GDPR is said by some to be ambiguous as it doesn’t have a definitive set of rules, however, this is by design, in order to cover different and changing combinations of information we collect.

This is why it is said to “take a wide view of what constitutes personal identification information”.

In the coming weeks and Months, you will be bombarded with Adverts and News Articles asking “Are you GDPR Compliance? “  Some will cause concerns telling you to expect Big Fines.  And others will baffle you with new security terms. Then will come the Consultants.

An easy way of understanding what lies ahead is by asking yourself the following.  

  1. Is your business aware of the laws relating to GDPR ?
  2. Is your business aware of the implications relating to GDPR ?
  3. Has your business a designated Data Protection Officer ?
  4. Do you know, and understand the types of information held by your business, and is it graded important, critical, and private or sensitive?
  5. Who has access to the different Levels of information?
  6. Does everyone need access to the different Levels?
  7. How is the information used & for what purpose?
  8. Does your business have legal data privacy requirements for staff?
  9. Does your business have regulatory data privacy requirements for processing and sharing information?
  10. Does your business collect, process or store data about juveniles, have the GDPR rules been identified and assessed for this?
  11. Does your business know where its data and information is held?
  12. Is it Secure?
  13. Is it within the EU?
  14. Who has access?
  15. How is it processed?
  16. What are the security controls particularly when it comes to cloud storage?
  17. Have you reviewed your business security?
  18. What are your plans and processes if there were to be a security breach physical or cyber?
  19. How will you address and identify a data breach?
  20.  How will your business manage, investigate and report a data breach?

The GDPR leaves much to interpretation, companies must provide a “reasonable” level of protection for personal data, but does not define “reasonable.” Thus giving the GDPR governing body a lot of freedom when it comes to dreaming up fines for non-compliance and data breaches.

When does my Business Or Organisation need to be in compliance? May 2018.

What happens if my company is not in compliance with the GDPR?

Fines of up to €20 million or 4 % of global annual turnover, whichever is higher, for non-compliance.

If you were thinking of taking guidance from the Irish Civil Service read this Times article first.

Its estimated that the EU will collect as much as €7 billion in fines and penalties in the first year.


Leave a Reply

Your email address will not be published. Required fields are marked *

x

We use cookies to give you the best online experience. By agreeing you accept the use of cookies in accordance with our cookie policy.

I accept I decline Privacy Center Cookie Policy