For any organisation, big or small Data Protection is a major priority. May 25th 2018 is a date that they need to keep in their diary, as that is when the EU General Data Protection Regulation also known as GDPR comes into law.
The GDPR legislation includes mandatory breach notification, which means that organisations need to be able to detect, scope, and report a breach to the competent authorities within a very short space of time.
Failure to comply with this new legislation can result in large fines of up to €20m or 4% of global turnover.
If you are thinking we have 18 months to get ready for these new regulations, it is time to think again.
Recent research done by BT Ireland has shown that 69% of Chief Financial Officers (CFOs) are completely unaware of the GDPR rules. This is pertinent because thirty percent of CFOs and 26% of Chief Information Officers (CIOs) have the final sign-off on IT spend.
The research also revealed that only 28% of the CFOs who are aware of the EU GDPR believe it will have a significant impact, with the other 62% believing it will only have some impact.
What makes this more shocking is that the research was done with large domestic and multi-national organisations with an average of 800 employees. If the same research was done with SME’s, the results would likely be equally alarming and possibly even more shocking.
Cybersecurity is the protection of your I.T. infrastructure including hardware, software and data stored from theft, damage and disruption to any services you may provide.
Data Protection is where an organisation’s I.T. infrastructure is setup to determine what data stored can be shared with third parties, and where that data is securely stored.
Once you know which is which you will then be able to plan the best way for your organisation to handle and comply with the GDPR legislation.