As a smaller business, you may be thinking that GDPR does not affect you, but the truth is all businesses have to take action.
The GDPR, or the EU General Data Protection Regulation, is a new law that is designed to strengthen the privacy and protect data for all individuals within the EU. Enforcement of the regulation will start on the 25th May 2018.
Under the new regulations, you have responsibilities to protect the personal information that you and your staff collect and use. This includes a requirement to have appropriate security to prevent it being accidentally or deliberately compromised. Breaches of data protection legislation could lead to your business incurring a fine. The reputation of your business could also be damaged if inadequate security contributes to high profile incidents of data loss or theft.
The Information Commissioner’s Office (ICO) website is a good source of advice for small businesses on how to keep their IT systems safe and secure. The ICO recommends implementing the government’s Cyber Essentials scheme as obtaining a certificate can provide certain security assurances and help protect personal data in your IT systems.
You might also like to know that the ICO has also set up an advice service offering help to small organisations. To phone the helpline, call 0303 123 1113 and select option 4 to be diverted to staff who can offer support. As well as advice on preparing for GDPR, callers can also ask questions about current data protection rules and other legislation regulated by the ICO including electronic marketing and Freedom of Information.
How can Minerva help?
First up, talk to us: we believe that a meeting to discuss the ways in which Minerva can assist you would be a great starting point in your preparations for the new GDPR legislation.
We are offering a Security Review service. This will be delivered by one of our infrastructure and security consultants. We will work through a review process to identify data security issues and system vulnerabilities and recommend appropriate corrective actions. It is an interactive process of review with you and your staff with an aim to put the solutions in place to achieve Cyber Essentials certification.
If you would like to book a meeting to discuss this further, or require an outline quotation for your Security Review with Cyber Essentials certification, then please email firstname.lastname@example.org or 01707 607100.