There’s no doubt about it: 2018 has definitely been the year of the data breach. From Facebook to British Airways, Tesco, Adidas and even the UK Government, it seems as though every week we learn about a new high-profile breach. And as big business continues to struggle to protect its valuable data, it’s become apparent that we all need to raise our game in order to stay one step ahead of the sophisticated techniques used by modern hackers.
Add into the mix an increasing lack of trust among consumers towards all things digital. Thanks to the recent Facebook/Cambridge Analytica scandal in which the data of millions of users was illegally ‘harvested’ for marketing purposes, consumers are now more aware than ever of their rights, data privacy settings and the need for transparency in regard to the digital storage of personal information.
So, where do we go from here? Enter, GDPR…
The General Data Protection Regulation, better known as GDPR, came into effect in May this year, and represents one of the most important changes in data privacy regulation in over 20 years. In short, GDPR changes the way that we deal with customer data. Some of the key principles are:
Consent must be obtained from users before their personal data is collected/used
Consumers are entitled to access their own data profile
Consumer data must be managed by an appointed person – such as a Data Protection Officer – and security breaches must be reported within 72 hours
All consumer information must be erased/properly disposed of when no longer required.
Not only must organisations now obtain formal consent from users before acquiring – and using – their personal data, but appropriate steps must be taken to ensure that consumer data is stored and disposed of securely.
With fines of €20 million or 4% of global turnover for non-compliance, GDPR is not to be taken lightly. Just ask British Airways: the company could be facing a substantial fine after a malware attack left hundreds of thousands of customers vulnerable to financial fraud.
In the current climate, transparency is more important than ever, particularly across digital channels, and the need to retain consumer trust is a high priority for most organisations. Thanks to GDPR, we already have a framework in place to help us ensure that personal data is handled properly. But in order for this to work, effective systems have to be implemented and maintained.
At RELLTEK, we offer a comprehensive range of IT support services, from IT project management to cyber security and cloud computing. What’s more, we’re experts in asset disposal, so when the time comes to replace your IT equipment, we can assist with the removal, wiping and destruction of electrical waste under GDPR.
So don’t leave your IT security to chance. Call in the experts.
