©2019 by Cyber365

iStock-898997814.jpg

GDPR

General Data Protection Requirements (GDPR)

The EU General Data Protection Regulation (GDPR) is one of the largest ever changes in data protection law. It replaces the existing Data Protection Directive and came into force on 25th May 2018.

 

The aim of the GDPR is to give Europeans better control over their personal data held by organisations worldwide. The new regulation focuses on keeping organisations more transparent and expanding the privacy rights of individuals. The GDPR also introduces more stringent penalties and fines for organisations who are non-compliant ranging up to 4% of annual global turnover or €20 Million, whichever is the greater.

 

We are partnered with TwoBlackLabs who are GDPR specialists. If you would like an introduction please contact us.

Privacy Impact Assessments

A Privacy Impact Assessment (PIA) is a documented impact assessment that helps to identify the privacy risks associated with a solution.

A PIA aims to:

  • Ensure conformance with the Privacy Act and / or GDPR, and policy requirements for privacy

  • Determine the privacy risks and effects

  • Evaluate controls and alternative processes to mitigate potential privacy risks.


The advantages of doing a PIA are:

  • Avoidance of costly or embarrassing privacy mistakes

  • Aids in the identification of privacy problems early to allow appropriate controls to be identified and built

  • Enhanced informed decision making regarding appropriate controls

  • It demonstrates the organisation takes privacy seriously

  • Increased trust by customers and employees.

 

We are partnered with TwoBlackLabs who are PIA specialists. If you would like an introduction please contact us.