17 Apr A Year On and Many Still Have Done Nothing – GDPR
Did you know that over 33% of all businesses know that they are not GDPR compliant? And those are the companies that know what the new data protection laws are! Some still have no idea what the General Data Protection laws (GDPR) are, whether they are compliant, or what consequences can arise from not being fully aware.
Some believe that it is only about data security and that if they have the correct policies and software in place then they will be safe. This can be very misleading. Data protection isn’t just in the virtual world or on a server; it is also physical. There can be piles of paperwork that contain sensitive data, whether it is customer information or employee billing addresses.
It all counts as sensitive data, and choosing to ignore other aspects of GDPR laws can cost you dearly. Leave a file or letter in a coffee shop with names and addresses on it and you could be fined. It’s therefore crucial that when looking into GDPR you do not get completely wrapped up in the electronic data, and instead take a 360-degree view of your risks.
A big shift with GDPR was around obtaining consent to send marketing information. The way you reach out to customers in order to gain consent and information to be used in marketing is VERY important. If you do not gain full or adequate consent from users online and choose to contact them through email marketing or calls, you may be opening yourself up to a complaint, an investigation and a potential fine.
Since the new laws came into effect, over 8000 companies in the UK have been reported for data breaches, along with 60,000 companies across Europe as a whole. Aside from knowing about the laws in the first place, you need to be addressing security as a whole and using adequate processes to ensure that steps are taken to physically protect information, as well as having cyber security in place to prevent data breaches and hacks. Data is a currency that is sold by the underworld as a lucrative business model.
If being a victim of a cybercrime isn’t enough, you may also be fined for good measure. This is why being aware of the GDPR laws is so important.
There are definitely things to consider to ensure data is secured, and no one wants to be fined, especially since there are simple steps that can prevent it. A great starting point for many companies is addressing security, and Cyber Essentials certification can mitigate up to 80% of the common cyber threats that businesses face. Aside from helping to secure your network and data, it also shows the Information Commissioner’s Office that you take security seriously.
For more help and information on how you can get Cyber Essentials certification to help you with GDPR, visit our website.
You can also talk to one of our consultants on 0114 361 0062.