The EU’s General Data Protection Regulation (GDPR) will apply from 25 May 2018, when it supersedes the UK Data Protection Act 1998. Significant and wide-reaching in scope, the new law brings a 21st century approach to data protection. It expands the rights of individuals to control how their personal information is collected and processed, and places a range of new obligations on organisations to be more accountable for data protection
GDPR compliance is not just a matter of ticking a few boxes; the Regulation demands that you be able to demonstrate compliance with the data protection principles. This involves taking a risk-based approach to data protection, ensuring appropriate policies and procedures are in place to deal with the transparency, accountability and individuals’ rights provisions, as well as building a workplace culture of data privacy and security.
With the appropriate compliance framework in place, not only will you be able to avoid significant fines and reputational damage, you will also be able to show customers that you are trustworthy and responsible, and derive added value from the data you hold.
In partnership with one of the UK's leading independent experts in IT governance, risk management and compliance solutions, 3C can now offer an unparalleled range of comprehensive solutions, services and expertise to help you meet your GDPR compliance objectives.
Alternatively we can arrange a conference call with one of our consultants to discuss your requirements in more detail.
As a first step, why not download our guides to GDPR and the Cyber Essentials Scheme?