The EU General Data Protection Regulation (GDPR) is now effective and it’s here to stay, Brexit or no Brexit. This legislation, which succeeds the Data Protection Act 1998 (DPA), is quite significant and will affect all organisations who collect, manage, process, and store personally identifiable and sensitive data for EU citizens, anywhere in the world.
Any organisation who is found to be breach of the regulation or fails to demonstrate compliance, risks facing financial penalties of up to €20 million or 4% of their annual world-wide turnover, whichever is the greater, plus criminal prosecution and of course the resultant damage to reputation.
Preparing for GDPR is not simply a textbook exercise or one that can be managed by spreadsheets alone. You must know where data is stored and how to mitigate risk. If you use personally identifiable information, you must ensure that your organisation is using it for the right purpose, in the right way and with the right controls.
AD Network Solutions can both ensure your organisation is GDPR compliant or deliver the training necessary to equip your managers to help your organisation become GDPR compliant.
Is it enough to simply tell your employees not to use their work machines for non-work-related activities? Or would it make much more sense to create and distribute an effective, fair and equitable written policy which you ask your users to read and sign. It's no longer just a matter of wasted time that should be spent on work; it's becoming essential that companies cover their assets by establishing and enforcing clear rules governing computer and network usage. Policies are also needed to protect the security of the network and prevent users from introducing viruses or opening their systems and the entire network to attacks.
We also offer support in areas such as compliance in your particular sector of work such as NHS (Internal Governance) and Education.