Data security is a significant concern for both small and large organizations. Any organization that holds data collected from customers and vendors should be wary of the threat posed by cybercriminals. There are several information security standards that you should comply with. ISO 27001 is one such standard.
Data services are just like coats - not all are created equal. They vary in price, quality and reliability. And if your data doesn’t have a good coat, a range of bad or costly decisions could be made. These decisions could affect business performance and the financial situation, put jobs at risk, or even decide the fate of the company.
From 25 May 2018, a new European General Data Protection Regulation (the “GDPR”) will apply and change the rules applicable to businesses that process “personal data” such as customer and employee data. Organisations will need to consider implementing new procedures in order to comply.
Levels of concern in business appear to be rising, as the date for the rollout of the new EU Data Protection regulations, known as GDPR, was announced (May 25, 2018, by the way). Social media were alight with comment and speculation, and many people were questioning whether a potential Brexit could impact the uptake of the regulations in the UK. The bottom line is that we have our own Data Protection Act, which will remain, and it is not possible to rule out the adoption of best practice guidelines, regardless of any potential Brexit outcome.
The data and cyber regulatory regime in the EU – which includes, for the time being at least, the UK – is undergoing a very significant shake-up. The new General Data Protection Regulation, which will come into force on 25 May 2018, will bring a number of new measures into play, such as much increased fines (up to the higher of 4% of annual worldwide turnover or 20 million euros, in some cases) and mandatory reporting of most data security breaches.