Know the Risk
The General Data Protection Regulation places an onus on companies to understand the risks created when handling personal data and to mitigate those risks as much as possible. This means that your organisation must be very security conscious when dealing with client data.
What does your organisation need to do?
Your organisation needs to introduce measures that ensure a level of security appropriate to the nature of the data and the harm that might result from a breach of security.
According the Regulation your organisations needs to:
- Design and organise security to fit the nature of the personal data held
- Be clear about who in the organisation is responsible for ensuring information security
- Make sure there is the right physical and technical security, backed up by robust policies and procedures with reliable, well-trained staff who will be ready to respond to any breach of security swiftly and effectively
CIS will handle all of your security needs and do what it takes to get you GDPR compliant.