The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. Within GDPR there are eight individual rights enshrined that set out how your personal data can be collected, processed and used. GDPR aims to rectify that, forcing companies to boost security to prevent hacks having an impact, while reducing the amount of processing that can be done on your data. Finally, the control over data has been pushed back into our hands, where it belongs.
To show that the regulators are serious about the new rules, the maximum fines for companies found to be in breach of the regulations, or that lose personal data, are now €20m, or 4% of worldwide turnover, whichever is greatest. These fines apply whether data has been lost accidentally or through a massive hack. That’s a good incentive for companies to take security more seriously and protect their customers’ data. We help clients in gap assessment, defining processes,templates, laying out technical controls , quarterly internal audit, compliance check and remediations etc. We provide GDPR awareness training and DPOR related training as well.