The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.  Within GDPR there are eight individual  rights enshrined that set out how your  personal data can be collected, processed and  used. GDPR aims to rectify that, forcing  companies to boost security to prevent hacks  having an impact, while reducing the amount  of processing that can be done on your data.  Finally, the control over data has been pushed  back into our hands, where it belongs.

To show that the regulators are serious  about the new rules, the maximum fines for  companies found to be in breach of the  regulations, or that lose personal data, are  now €20m, or 4% of worldwide turnover,  whichever is greatest.  These fines apply whether data has been  lost accidentally or through a massive hack.  That’s a good incentive for companies  to take security more seriously and protect  their customers’ data.  We help clients in gap assessment, defining processes,templates, laying out technical controls , quarterly internal audit, compliance check and remediations etc. We provide GDPR awareness training and DPOR related training as well.