My Cart

Close

GDPR

NEW GDPR UK LAWS COMING INTO FORCE BY APRIL 2018

The past decade has witnessed a drastic increase in the amount of digital information we create, capture and process; but it has been nearly 20 years since the UK’s data protection laws were last updated, and it came in the form of the 1998 data protection bill. Fast forward 20 years and these laws have become obsolete; no longer fit for purpose.

The British Government has signed into law, the General Data Protection Regulation (GDPR). The regulation is all about giving people easier access to the data companies hold about them, as well as a clear responsibility for these organisations to obtain the consent of users whose data they collect. The implication is that companies covered by the GDPR will be more accountable for their handling of people's information. Hence, if an organisation doesn’t comply with the GDPR, it can be fined.

The past decade has witnessed a drastic increase in the amount of digital information we create, capture and process; but it has been nearly 20 years since the UK’s data protection laws were last updated, and it came in the form of the 1998 data protection bill. Fast forward 20 years and these laws have become obsolete; no longer fit for purpose.

The British Government has signed into law, the General Data Protection Regulation (GDPR). The regulation is all about giving people easier access to the data companies hold about them, as well as a clear responsibility for these organisations to obtain the consent of users whose data they collect. The implication is that companies covered by the GDPR will be more accountable for their handling of people's information. Hence, if an organisation doesn’t comply with the GDPR, it can be fined.

Within this past 12 months, there were millions of data breaches recorded affecting user details across many social platforms such as Yahoo, Myspace and LinkedIn. Even SMEs are not left out either contrary to popular opinion that SMEs are not affected by hackers due to their smaller headcount and profit margin relative to multinationals. The truth is that any company that is not investing in security, training and data compliance about how to work securely is an easy target. In other words, you might not have the same prospective significance to a hacker, but you might be a lot easier to hack.

What’s worse? Small businesses will get the same fines and penalties from the GDPR. Once GDPR swings into effect from the 28th of May 2018, they could be fined anywhere between €10 million or 2% of your global turnover or €20 million or 4% of your turnover depending on the extent of the breach. Put these exorbitant fines together with the cost of the time you will be out of business, add that to the loss of earnings, customers, confidentiality breaches, damage to reputation and most companies would be out of business for good. A shocking revelation from studies conducted by the Federation of Small Businesses shows that over 65% of small businesses have experienced data breaches as a result of cybercrime. In essence, a small business will be a victim of four cyber-crimes every two years.

It’s important to keep in mind that the GDPR is not just primarily about data security; but also an incentive to encourage correct use of data by processors.

WAY FORWARD FOR COMPANIES?

The introduction of the new regulations may see a tremendous challenge for enterprises, but it also presents an opportunity for change. It represents a chance to take the appropriate steps to prepare for the new rules which according to Zach Thornton, External Affairs Manager from the DMA should be viewed as a chance for digital transformation. Hence, companies should endeavour to get the ball rolling in making the necessary changes before the May 2018 deadline.

INITIATE A THOROUGH AUDITING.

It is essential that you embark on a detailed assessment exercise to discover where a data audit could save your business. Be honest about what qualifies as personal data; this includes any information that can be used to identify an individual such as a name, address, IP address... you name it. Also involved are sensitive personal data encompassing genetic data, information about political and religious views, sexual orientation, and more.

You must be accountable for whatever information you hold, whether old emails or data lists. In addition you need to know where it’s held, whether you have appropriate permissions and what processes are involved in the procurement and security.

INCLUDE EVRY PART OF YOUR BUSINESS;

After embarking on a thorough scrutiny, the next step is to engage people at every level of the business and educate them on why their section of the firm is involved. A recent study by PWC revealed that over 30% of small businesses suffer data breaches due to the carelessness of their staff. Hence, it is important that you include other parts of the firm ecosystems such as external platforms like Dropbox or One drive that may be used by your staff

GET RID OF EXCESS DATA.

You should take care to delete any data that you don’t need; it’s better to be safe than sorry. Also, It is risky to hold anything you don’t use or is out of date. Saving data that you are not sure will be useful someday doesn’t help anyone, least of all your business, in fact, the idea here should be; if you don’t have a specific purpose for it, throw it out.

DO NOT ASSUME

Educate yourself properly on the appropriate guidelines for what is obtainable in regards to the general Data Protection Regulations. Also endeavour to understand the nitty-gritty of the regulation, especially as relates to being able to provide justification and permission for customer records. The policy includes a “right to be forgotten” which enables an individual to request the deletion or removal of their data when a company has no convincing reason to hold it.

MOVING ON

Whether you like it or not, the GDPR has come to stay, and come May 2018; the regulations are going to be in full effect, and the earlier your company embraces it, the better. It is best to see the new policy as what it is; a chance to make your business more secure, transparent and trusted than it was before. As long as your company collects, processes or stores data in the EU for EU citizens, GDPR will affect the way these data are collected and stored, and you need to be compliant.

Companies that will be affected more are businesses that engage in digital marketing, but the positive side of it is that it opens a new opportunity to gain more trust and confidence from your customers.

All rights reserved to EcoVoIP Ltd 2017



Data Protection Policy GDPR



Please fill the form below and one of our representative will get in touch with you within 24-48hrs

Welcome to EcoVoip

Enter your email address to receive a EcoVoip Welcome Brochure and exclusive offers right into your mailbox !

SEARCH THIS STORE