
If you work in any kind of business that handles customer data then you ought to have heard about the General Data Protection Regulation (GDPR) by now, the European Union’s new directive designed to protect EU citizens from privacy and data breaches. If not then you certainly ought to be considering the impact it could have upon you and your business in less than a year.

Here’s why: failure to comply with the GDPR could see you being fined four percent of your annual revenue or 20 million, whichever is greater. Sounds a bit extreme and only something big businesses need to worry about? Think again.

If you handle customer data from within the EU then you have less than a year to comply with the new regulation. Failure to do so could put you out of business.
Neill Lawson-Smith, Founder and Managing Director, Certified IBITG EU GDPR Practitioner

The GDPR comes into force on May 25, 2018 and affects any company wanting to do business within the EU or with member states. This would also include US firms handling the data of European citizens. So, that’s any company handling personal data or data that would identify a person. This might be your name, an email address, bank details, perhaps a photo or even a computer IP address. Oh and anything that counts as personal data under the Data Protection Act also qualifies as data under the GDPR. If you’re starting to scratch your head at this news, you're not alone.

Your next problem is identifying a breach if and when it occurs. That’s no mean feat by the way. Some businesses know they may not be able to do this in a timely manner and the smart ones may already have the right network security monitoring solutions in place. But just what does a network breach mean for you in terms of the GDPR?

Anything that is likely to ‘result in a risk for the rights and freedoms of individuals’ must be reported to customers and the data protection authority within 72 hours of first becoming aware of any breach. In the UK this is the Information Commissioner’s Office. Of course, it's also very likely that some firms will not know the true scale or implications of such a breach in the early stages. Even so, you must ensure that you have contacted the relevant party within the allotted timeframe, outlining the nature of the problem, the people affected and what measures you are taking to address this.

Of course, there are numerous challenges to implementing all this, and being assisted by a strategic partner with fully compliant data officers will help you turn the approaching legislation into something of an opportunity to improve the data protection processes you already have in place. At the same time, a better understanding of the customer data you hold should present other benefits for you as you begin to tailor new products and services.

Under the terms of the GDPR you’ll also need to have a dedicated Data Protection Officer (DPO) in place if your organisation is a public authority (except for courts acting in their judicial capacity), carries out large scale systematic monitoring of individuals, or large scale processing of special categories of data or data relating to criminal convictions and offences.

Unfortunately, GDPR compliance doesn’t happen overnight, so it’s vital processes are put in place now. This means getting to grips with the data you hold and understanding just what will be affected by the new legislation. Could you quickly find where specific data sets are held and who is responsible for them if necessary? What about Subject Access Requests (SARs)? Are you equipped to deal with individuals who want to see the information you hold about them? If the answer is ‘no’ and things seem a little cloudy, then you could be in trouble.

By putting the right processes in place and working with a strategic partner, rather than risking a huge fine, the journey to GDPR compliance could well be a valuable one for your business as you unlock data silos, better understand what you hold and ultimately improve security processes for both you and your customers.
