GDPR Compliance

Keeping IT ahead of changing legislation and compliance.

  • Find all your data assets
  • Secure your data estate
  • Consolidate your data silos
  • Manage your data at all times


GDPR SOLUTION GUIDE

On 25th May 2018, GDPR applies to anyone who:

gdpr boxes

Practical solutions for GDPR

We are experts in helping businesses locate, secure, bring together and manage their data and business information to comply with the law. Here’s how:

FIND

Advise, define and implement strategies to ensure your IT assets align with GDPR:

  • Determine current capacity and GAP analysis
  • Assess availability and performance capabilities
  • Specify security considerations
  • Identify systems and interfaces of personal data and their vulnerabilities
  • Identify operating process inefficiencies

SECURE

Secure your data estate sprawl to comply with GDPR:

  • Improve resilience against cyber-attacks
  • Rapidly detect and respond to malicious threats
  • Understand and minimise security risk, enhance security policies and employee awareness

CONSOLIDATE

Consolidate your data & client specific information:

  • Consolidate your IT and data assets into a single controllable entity
  • Decommission non-authorised & non-accountable applications
  • Communicate service changes and enforce new policies

MANAGE

Keep your compliance and policies ever ready, adding value and peace of mind.

  • Day-to-day support, maintenance and operation of your data & IT estate
  • Seamless integration with legacy systems
  • Best practice methodology for systems
  • Post-implementation optimisation and management

 

GDPR SOLUTION GUIDE

9 key points of GDPR

 

EXPANDED TERRITORIAL REACH
More companies will be subject to GDPR which is not the case now.

CONSENT
Consent of personal data must be freely given, specific, informed and unambiguous.

ACCOUNTABILITY AND PRIVACY BY DEFAULT
Increased emphasis on the accountability for data controllers to demonstrate data compliance.

NOTIFICATION OF A DATA BREACH
Notification to the Data Protection Authorities has changed. SANCTIONS Fines – up to 4% of annual worldwide turnover or 20 million Euros is possible.

SANCTIONS
Fines – up to 4% of annual worldwide turnover or 20 million Euros is possible.
ROLE OF DATA PROCESSORS
Direct obligations to implement technical and organisation measures to ensure data protection.

ONE STOP SHOP
This legislation will be applicable in all EU states.

REMOVAL OF NOTIFICATION REQUIREMENT
Notifying or seeking approval from a Data Protection Authority is changing.

RIGHT TO BE FORGOTTEN
One of the most useful changes for the average person managing their data protection risks.
 

12 steps to prepare for GDPR

 

AWARENESS
Raise awareness among management and staff of the new rules on the organisation and individual.

INFORMATION YOU HOLD
Perform data audits to review and document the personal data held and its location and source.

COMMUNICATING PRIVACY INFORMATION
Review your current privacy policies and put a plan in place for making changes in time.

INDIVIDUALS’ RIGHTS
Check that your procedures cover all the rights individuals have, including how you would delete personal data or provide data electronically and in a common format.

SUBJECT ACCESS REQUESTS
Update your procedures and plan how you handle requests within the new timescales and provide any additional information.

LEGAL BASIS FOR PROCESSING PERSONAL DATA
Look at the types of data processing you carry out and identify your legal basis for carrying it out and document it.
CONSENT
Review how you are seeking, obtaining and recording consent and if you need to make changes to these processes.

CHILDREN
Think about placing systems to verify individuals’ ages and get parental consent for your data processing activity.

DATA BREACHES
Make sure you have the right procedures in place to detect, report and investigate any personal data breaches.

DATA PROTECTION BY DESIGN AND DATA PROTECTION IMPACT ASSESSMENTS
Know the guidance the ICO has produced on Privacy Impact Assessments and how and when to implement them.

DATA PROTECTION OFFICERS
Appoint a Data Protection Officer to take responsibility for data protection compliance.

INTERNATIONAL
If you operate internationally, determine which data protection supervisory authority you will come under.

What next?

Everybody’s different. It’s why we prefer to talk to you directly about your security, compliance and policy needs.

There’s no value in telling you generic stuff you already know, it’s the stuff you don’t know that really matters.

 

GET IN TOUCH

CONTACT US
1 Olympic Way
Wembley
London HA9 ONP
T: 020 3880 8369

GENERAL ENQUIRIES
info@re-solution.co.uk

SUPPORT
support@re-solution.co.uk

STAY IN THE LOOP
            

STAY INFORMED