Why it’s vital to safeguard data

 

 

 

The General Data Protection Regulation is a European directive designed to improve and unify the way that organisations operating across the EU collect, handle, process and store personal data such as HR records and customer lists.

 

Having become enforceable on 25th May 2018, the GDPR has superseded the Data Protection Act 1998 in the UK to expand the requirements of storing personal data, improve information governance and impose more stringent sanctions on organisations that suffer a data security breach.

 

Read on to discover how Sysrex’s GDPR services can help your organisation to achieve hassle-free compliance.

 

Who does the GDPR apply to and what data needs to be protected?

 

The GDPR applies to all organisations across the EU that process personal data, or handle and store information on a client’s behalf.

 

The GDPR places obligations on both data ‘controllers’ and ‘processors’. Data controllers are defined as those who determine the purpose and manner in which data is processed, while data processors are defined as any third party, such as a cloud service provider, that undertakes data processing on behalf of the data controller.

 

Personal data is defined as ‘any information relating to an identified or identifiable natural person’. The GDPR expands the definition outlined in the DPA to also include online identifiers such as IP addresses and web cookies as well as biometric data such as fingerprints.