The latest data rules, become enforceable in 2018.   If you hold, move or transact with an E.U. citizen you will be subject to the GDPR (General Data Protection Regulation) law regardless of which country you reside in. Businesses and organisations need to plan for the introduction of the GDPR now.

Oliver Hawkins Vendor Alliances Manager Make contact

Ignoring GDPR (General Data Protection Regulation) could have a serious negative impact on your bottom line. Fines for a breach of the GDPR will be up to €20m or up to 4% of global turnover, whichever is greater.

How could General Data Protection Regulation impact different sectors?

The Public Sector

More data will be subject to data protection laws, the higher level protections that apply to sensitive personal data will need to be applied to genetic and biometric data and existing consents may become invalid and new consents may therefore need to be obtained.

Read the full article by UK Legal Group, Geldards

Charity

There will be more rigorous requirements for obtaining consent for collecting personal data, the age of consent for collecting an individual’s data will be raised from 13 to 16 years old and charities will be required to delete data if it's no longer used for the purpose it was collected

Read the full article on Fundraising.co.uk

Retail

As reported in Retail Gazette, research carried out by Compuware  in September 2016, identified that 77% of retailers are unclear as to how they will respond to GDPR.  Worryingly, 71 % of retailers surveyed do not always know where their customer data is, while 24 % couldn’t ensure they’d find it at all!  

“If they don’t have a firm handle on where every copy of customer data resides across all their systems, retailers could lose countless man-hours conducting manual searches for the data of those exercising their ‘right to be forgotten.  Even then, they may not identify every copy, leaving them at risk of non-compliance.” Compuware Technical Director Elizabeth Maxwell.

Read the full article on the Retail Gazette

General Data Protection Regulation and Multi Cloud Management

If you’re already running workloads in the Cloud, inbuilt Cloud and multi cloud management tools, can really help you keep on top of compliance targets.

Microsoft Azure, for example, comes with industry-leading security measures and privacy policies to safeguard data in the Cloud, including the categories of personal data identified by the GDPR.

Azure helps identify what data you have and control who has access. And this is a critical requirement of the GDPR. Read more about features such as Azure Active Directory (Azure AD) and Azure Information Protection.  

For multiple clouds, a tool such as OCSL’s Cloud Control, can help manage and monitor your entire IT infrastructure. But it can also really help with compliance.  Using one simple portal interface it’s possible to set up user rights and enforce policies across your entire estate. Watch our Cloud Control Demo

Getting Started: GDPR IT Checklist Questions

See OCSL's GDPR Checklist

If you’d like to understand more about how Azure and Cloud Control can help you meet compliance targets, please get in touch.

Thought piece

Add new comment