Top 7 GDPR myths and a few truths

Here are 7 myths about the GDPR (General Data Protection Regulation), or ‘new Data Protection Act’. We hope this is of some help:

1) It only applies to computers. No, it applies to all records containing personal data, including those stored on scraps of paper and written in quill pen.

2) You can buy a piece of software that will make you compliant. No! It is more about you knowing how you hold and process data and how you have other people hold and process your data. In other words, it is about you having policies.

For instance,

  • How long do you retain a client’s information after they become an ex-client?
  • How do you ensure that data is fully deleted if a client requests it?
  • How do you gather data together if a client requests a portable, electronic copy of the data you hold on them? (And they are entitled to this.)
  • and many more.

3) It will cease to apply after we leave the EU. Wrong! We are committed to upholding the GDPR after we leave.

4) It only applies to large companies. Wrong! It applies to all companies.

5) It only applies to the ‘owner’ of the data. No! This regulation applies to data processors as well.

6) You can continue to direct market to your potential customers. Do you have their informed permission? Was it given within a reasonable time?

7) If your company holds Cyber Essentials Plus certification you are covered. No! Read all the above again.

Here are the promised truths.

Yes, the top fine is €20M or 4% of global annual turnover, whichever is greater!

Yes, you do have to report all data breaches within 72 hours.

We are running a masterclass on Wednesday 22nd November. This will help you sort out the fact from the fiction.

https://bit.ly/GDPR-MC

See you at the masterclass to get it all sorted.

John

A Website, but so much more!

Our latest project has been something of a challenge. 

A branded website…

That is also a business directory…

That also has local business and community events…

Oh, and can you give it the capability to be bilingual?

We need it in less than a month.

So, how did we do that?

Well, we base all our websites on WordPress – this gives us a very stable base to build upon. It also means that (unlike bespoke coding) security concerns can be addressed quickly. Developers of extensions have millions of users demanding the security updates!

We have built it with business directory, calendaring and translation features using tried and tested tools. We have used local talent for the branding and design and yes, it is even mobile friendly, good for search engines and is already well embedded in the Google index!

Bet you are wanting to see it now! It is at https://cmb.wales

Already lots of businesses have signed up. Community calendar events are free!

Kudos to Diana and the team at Ailgynnau consulting for commissioning us for this project.

There is still work to be done, as not all the Welsh translations are in, but when they are we can apply them to the website.

Next!

Compliance matters

How do you know if your messaging solution is fit for the 21st century and GDPR (General Data Protection Regulation)? If for no other reason than the potential fines, compliance matters.

Historically, email systems just did email and that was good enough. With the new regulations there is significant onus on the owners and processors of data to ensure that it is only used properly and that it is not leaked. Traditional email systems, such as those based around web servers, typically do not cut the mustard. They send out emails with no guarantee that they came from a legitimate sender, and those emails can be read by anyone. Perfect for scammers and data leaks.

For information about how Microsoft is hardening its email solutions, see https://aka.ms/ome2017 on message encryption: a way to ensure that those who are supposed to read your emails can, and those who shouldn’t can’t!

Of course, within any system the weakest link in security is the users. Here is a link to our GDPR master class: https://bit.ly/GDPR-MC. In the master class you will find out about many of the requirements of the GDPR and how they will affect your organisation.

Finally, as a Microsoft Cloud Partner, we are able to offer Office 365 solutions to help keep you protected now and in the future.

GDPR Masterclass

Led by Chris Roberts of the GDPR Alliance.

Is your business ready for the new data protection regulations?

On May 25th 2018, less than a year away, the European Data Protection Regulations (GDPR) come into force. This represents the most significant change to data privacy regulations for more than 20 years. With significant non-compliance penalties, including financial ones of up to 4% of global revenue or €20m, it is essential that business owners understand what is coming, the potential impact it will have, and what actions are needed to ensure compliance.

Is your organisation going to be affected by GDPR?

The vast majority of businesses will hold what the regulation describes as “personal data” on an EU citizen so will need to be compliant with the regulations.

What is personal data?

Phone numbers, email addresses, home addresses, bank details, demographics, health information, sexual orientation, in fact anything that could identify a specific person.

What’s covered during the workshop?

  • Why this legislation has come into being
  • The key points of the new legislation
  • Likely causes of non-compliance
  • Risks and penalties: what changes will you need to make?
  • What actions should you consider to reduce risk
  • What are the implications of non-compliance?

Workshop leader

Chris Roberts, a Director at Highend Software and a Co-founder of the GDPR Alliance, leads these workshops. Chris regularly presents on business efficiency and productivity improvements and GDPR. Recent presentations include those for the Federation for Small Business (FSB), Superfast Business Wales, Wales Fraud Forum, BNI and numerous private clients.

Venue

The class will start at 9:00am for a 9:30am start in the Conference Room at the prestigious Beacon Centre for Enterprise in Dafen, Llanelli, SA14 8LQ.

Tickets are on sale through our ticketing portal https://bit.ly/GDPR-MC. Book early for deep discounts.

GDPR – General Data Protection Regulation

On 5th October, I was giving a talk to a Novus Networking in Cardiff. The topic was the GDPR. Not the most exciting topic for a group of under 35s, but there you go.

At its heart the GDPR is about protecting our privacy. As the prominent privacy campaigner Julian Assange said to those who doubt our need for privacy: “There is no killer answer yet. Jacob Appelbaum (@ioerror) has a clever response, asking people who say this to then hand him their phone unlocked and pull down their pants.”

Of course we know of cases where governments want backdoors into our phone security and airports have x-ray systems that reveal our unclothed bodies.

There are many great materials out there. In the next month, Cloud Genius is hoping to be running some courses on the GDPR in Llanelli. As a starter, there is an introduction (for free) on trailhead.salesforce.com

The provisional date of our masterclass will be Wednesday 22 November. It promises to be full of useful information that will help you remain compliant.

(The fines for non-compliance are up to €20M or 4% of annual global turnover, whichever is greater.)
