With the new General Data Protection Regulation (GDPR) coming into force on 25th May 2018, it is a good idea for businesses to start preparing for the new guidelines.
GDPR will allow EU residents to protect their personal data online. The new regulation will replace the current 1998 Data Protection Act. GDPR brings a whole new approach to data protection. People will have more power over the data companies hold on them and how they use it. This is a seismic shift from current regulations!
To comply with the new regulation, businesses need to make sure this data is stored in a safe and secure manner. This applies to both cloud-based and in-house systems. The person, or company, that maintains your IT system will need to ensure several measures become standard practice.
- Security – Appropriate IT security measures need to be taken with your system. Robust antivirus and firewalls should be in place to protect against potential cyber attacks. Access restrictions should also be placed on sensitive data, so that only the users who need certain data have access to it.
- Encryption – The encryption of certain elements of a system needs to be reviewed. Are all portable devices encrypted in the event of theft or loss? Is the offsite backup system encrypted both at rest and in flight? Encryption is a must!
- Awareness – Users need to be made aware of the new regulation, and also of the consequences if it isn’t followed. This company-wide awareness will make the whole process a lot easier.
- Ease of Access – If a person asks for their data to be removed from your system, it needs to be a simple process. All stored data needs to be accounted for. This includes any historical backups that may be stored.
This regulation is massive and needs to be followed by all businesses within the EU. If you are unsure how your company should prepare for the deadline, then speak to your IT support company, as they’ll be well versed in the secure storage of data.