Over the past 6 months, social media and the Internet have been inundated with GDPR-related material. Law firms, consultancies – large and small – and even tech firms have all jumped on what they perceive to be a lucrative band wagon. And indeed, the regulation has the potential to be a catalyst to drive real action around security and privacy. But at the same time, it is key to put things in perspective and look beyond a few very simplistic clichés.
What law is going to catch you with your pants down? (or why you NOW need to understand GDPR as an EU business)
If you’re not sure what the GDPR is or how it will affect your business, now’s the time to start paying attention. This is all about company’s legal liability to protect data they hold on staff, customers and in fact anyone where personal details are stored and the impact (fines £) that are going to ensure if you don’t!
So this encompasses cloud, on premise, IOT and mobile, no matter where you store data, if it meets the criteria of personally identifiable and relevant information then you need to comply. Ignorance will not be an excuse and in fact will put you in a far worse position. Better you can demonstrate your diligence of action and how you have tried to mitigate any risk as a defence. It is good practise to be able to demonstrate that you have attended training, acted on the process recommended from it and tried to do the right thing and you have a far better chance of being treated leniently and worked with rather than against it should the worst happen.
With the growing importance of data analytics, businesses are discovering that they must walk a fine line in how they handle and manage customer data. Data privacy both from both regulatory and reputational standpoints...
I’ve been talking about the subject of information security weaknesses in smart buildings for a while now, and maybe it’s coincidence, or maybe just an example of the Baader-Meinhof effect, but the news around this has appeared to be getting noisier recently.