GDPR (the General Data Protection Regulation) is a set of guidelines, which are legally binding through Europe for the processing and collection of personal data which originates from within the EU. GDPR applies to every organisation from sole traders to multinational PLC’s and is designed to protect the data privacy rights of the individual. All organisations are expected to comply with GDPR and penalties and fines are in place where it is found that requirements are not being met.
Why is 25th May 2018 an important date?
The 25th May is all important as this is the date the GDPR comes into force across Europe (not just the UK). For organisations not compliant you are in good company as many UK businesses will not be compliant by this date.
If you find your organisation is not compliant the challenge is to work towards compliance through taking all the necessary steps and actions.
Important resources for GDPR
The following are some of the best sites to visit for detailed information about GDPR compliance:
- BBC Guide to the GDPR
- EU GDPR information portal
- Information Commissioner’s Office – Guide to the GDPR
- Official PDF of the EU GDPR and
- Wikipedia GDPR page
Ways SheshTech can help with GDPR Compliance
The scope of GDPR is very wide and pervades an organisation deeply. SheshTech can help contribute for a proportion of GDPR services, which we have detailed below:
- Antivirus and hacker prevention – A part of GDPR is protecting personal data of customers, we can help by testing the robustness of antivirus and hacker strategies. We can implement solutions to prevent data losses before they occur, this includes secure hosting solutions
- Data encryption – SheshTech can ensure that any equipment used within an organisation has its data encrypted, this is strongly advised within GDPR
- Data removal – We can help with the identification and removal of data, which potentially breaches GDPR. If in doubt it’s better to delete the data than be in breach. SheshTech can interrogate data sources and remove potentially non-compliant data, which is held
- Documentation Updates – We can advise on documents, which need to be updated for GDPR including web facing documents such as Privacy Policy, Terms of Use Policy as well as internal process related documents
- GDPR audits – We can provide GDPR audits in our areas of technology and infrastructure to ensure that your organisation is doing everything possible to comply with GDPR. In areas where you are in breach, we can advise on methods of how to fix
- Plugin updates – We can ensure that all plugins used on web front-end applications (e.g. WordPress, Joomla, etc.) are GDPR compliant, we can apply patch updates where necessary to deliver compliance
- Secure Socket Layer encryption (SSL) – An essential requirement of GDPR is that all websites must become https:// protocol, i.e. have an SSL layer added. This ensures that data communicated between the visitor’s browser and the organisational website are encrypted
Discussing Implications of GDPR with SheshTech
The implications of GDPR are complex and sometimes difficult to implement. Here at SheshTech, we are here to help. Why not try our consultancy and strategy services where we can advise on how our range of services can improve GDPR compliance?
Call us on 0121 573 0081 for a friendly informal chat or complete our contact form to commence discussions.
Image Credit: Bilja ST