On Friday 25 May, GDPR (the EU’s General Data Protection Regulation) comes into force, and will be a game-changer for the way organisations store, manage and process personal data.
The regulation applies to organisations across the EU, and those outside the EU and handling EU citizens’ data – and will apply to UK organisations even after Brexit. The UK government has fully committed to implementing the requirements by 25 May 2018, and in August 2017 announced details of the UK Data Protection Bill, which will “bring the European Union’s General Data Protection Regulation (GDPR) into UK law,” (Department for Digital, Culture, Media & Sport).
And yet – according to the Cyber Security Breaches Survey 2018: Preparations for the new Data Protection Act published by the Department for Digital, Culture, Media & Sport’s in January 2018 – 51 percent of the small businesses (10-49 employees) questioned had not even heard of GDPR. Medium sized businesses (50-249) were doing better, with a figure of 34 percent, but the micro businesses (2-9 employees) were reporting as 69 percent unaware of GDPR.
It seems, however, that many individuals are aware of GDPR and the new data rights introduced by the regulation. A study recently conducted by UK media agency, 7 stars, for example, has found that of the UK consumers surveyed, 34 percent planned to exercise their ‘right to be forgotten’ – and three out of five were intending to question companies about the extent of their personal data held by the company. So, businesses – facing potential fines for non-compliance from the ICO (Information Commissioner’s Office) of up to 4 percent of annual turnover or €20m (whichever is greater) – need to be ready and prepared for 25 May 2018.
Michael Frisby, Vuzion MD, says, “With less than three months to go it is amazing that so many businesses still haven’t realised what GDPR is and the potential impact it could have on their business.
“But, this also represents a major opportunity for IT resellers – a $3.5bn opportunity, according to Microsoft.
“Meeting the GDPR requirements is foremost about process and people, and so at Vuzion, we’ve put together a range of solutions and services to help you support your customers – wherever they are with their GDPR preparations. And, based on feedback about the type of issues businesses are facing, we’ve recently added additional services to our GDPR support offerings.
“Services – ranging from GDPR awareness workshops to readiness assessments, and security posture reviews, to ongoing consultancy services, are delivered by Vuzion’s partner GDPR consultants, and experts in their field – and we’ve designed our offers to enable businesses to select the services that suit their needs.
“Once a business has started defining their processes and procedures, this is then your opportunity to help your customers with implementing the most appropriate technical solutions, services and applications that will make meeting the GDPR compliance requirements easier and more efficient. And, of course the Vuzion team is here to offer advice to support you.