Author: Ben Brothwell – Security Practice Lead
The EU’s General Data Protection Regulation (GDPR) comes into effect in May 2018. To avoid potential fines of tens of millions of euros, companies must move quickly to understand the legislation and respond appropriately. Northdoor can help your business achieve GDPR compliance. We offer step-by-step reviews of your existing practices, recommendations for the future and an integrated GDPR toolkit for maintaining control over all relevant data.
GDPR stipulates that EU citizens must give explicit consent for their data to be held in any company’s systems. It also gives EU citizens the right to access, correct, transfer or delete their personal information at any time. Penalties for non-compliance or data breaches are severe: the authorities can levy fines of up to 4 percent of global annual turnover (or €20 million, whichever is higher) for serious violations.
Regardless of the UK’s status within the European Union, if your business offers goods or services to any citizen of a member state, your company’s data security procedures will still need to comply with GDPR legislation.
Under GDPR, your business must fully understand what personal data it holds, where this data is stored and who has access to it. You will need to create new organisation-wide data-protection policies, set up rigorous governance schemes, maintain auditable records, and be able to rapidly detect and report on data breaches.
In most organisations, the size and diversity of existing data stores make this a daunting challenge. The good news is that Northdoor’s Protect IT Security Practice has an established set of reviews and recommendations to help you achieve and maintain compliance. We also offer GDPR compliance software tools to help you discover, classify, protect and govern data over time, regardless of where or how it is stored.
GDPR is a board-level concern, but generic guidance is pointless if you are trying to make strategic decisions specific to the compliance status of your particular organisation.
To help you achieve GDPR compliance, we have created the GDPR Rapid Response Programme®, a proven methodology that helps companies understand their position against the five main areas of GDPR compliance. Management can then identify where to focus their efforts to achieve compliance.
To find out more, why not get the highlights from our recent GDPR round table discussion with Allen & Overy LLP.
Alternatively, you can find out how we can help you achieve GDPR compliance rapidly, efficiently and at a low cost. Simply download our two-page overview for everything you need to know and then contact us for an assessment.