The General Data Protection Regulations (GDPR)- New Requirements for all Businesses
What is GDPR?
European Data Protection Legislation is changing. The General Data Protection Regulation (GDPR) will come into force on 25 May 2018. These new rules will affect all businesses across the EU and will replace the existing Data Protection Framework under the current EU Data Protection Directive.
GDPR is considered a necessity for the protection of data in a modern internet based society. As the Internet of Things increases every day it is essential that we strengthen the control of our Personal Data.
GDPR will impact you and your business – this legislation has been given teeth - non-compliance can result in fines of up to €20M or 4% of turnover.
What’s the difference between GDPR and existing Data Protection Legislation?
The GDPR has greater scope, much tougher punishments and judicial remedy for those who fail to comply with the new rules around the storage and handling of Personal Data, be it in physical or electronic format and there are much stricter guidelines surrounding breach reporting.
How will GDPR affect my business?
The GDPR will impact on every business in numerous ways. To give a few examples:
GDPR brings with it Privacy by Design - Privacy must be built in to any system that handles Personal Data.
Businesses must keep a detailed record of how and when an individual gives consent to store and use the Personal Data. There has to be a positive agreement and it cannot be inferred from a pre-ticked box. Customers or individuals have the right to withdraw consent.
If you receive a Data Subject Request you have 72 hours to respond.
People have the right to be forgotten. Details must be permanently erased. This implies that there is a need to review existing data and delete any data that no longer has a valid reason for holding
MBSL are Certified to ISO27001:2013 Information Security Management Systems and have a wealth of experience built up in the area of Data Protection.
Let our Team provide the expertise needed to help you design, build, and implement a sustainability strategy for YOUR GDPR compliance program.
We are here to keep you on track for the May-18 GDPR implementation date.
MBSL can assist you in identifying, assessing, planning for and meeting your Data Protection obligations.