The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) was put forth by the European Commission in 2012 and was finally agreed and enacted by the European Parliament and Council in April 2016. It is set to replace the Data Protection Directive in May 2018, and organisations have until then to demonstrate their compliance.
The GDPR is the biggest upheaval in how data is handled in 20 years and aims to strengthen and unify data protection for individuals within the European Union (EU). It also addresses the export of personal data outside the EU.
Organisations in breach of the regulations can expect fines of as much as 4% of annual global turnover or 20 million Euros, whichever is greater.
Personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. Source: REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 (The GDPR)
The GDPR contains a number of new protections for data subjects, and it applies to all organisations that handle the personal data of EU residents.
Businesses now need to embrace a culture of security – not just within their own organisation, but in everything they do and with everyone they deal with.
The GDPR introduces a host of new concepts such as ensuring appropriate data governance, privacy by design, and mandatory privacy impact assessments (PIAs), as well as making all parties within the supply chain accountable for assuring the confidentiality and integrity of the personal data being held.
GDPR compliance just made hosted desktop solutions even more compelling!
If you or your client are breached, or if something goes wrong and you lose data, you may be investigated under the powers of the GDPR. If it can be proven that you haven’t behaved appropriately and have failed to put appropriate measures in place to control your data, you may be subject to the full force of EU law.
In 2016 we appointed a GDPR consultant to assist with the management of our compliance with GDPR.
Starting in 2017 we performed a comprehensive audit and gap assessment of our compliance with GDPR in readiness for 25 May 2018.
All GDPR policies and procedures are now built into our ISO9001 system, and will be audited within our annual ISO9001 audits (both internal audit, and external audit).
We have implemented a new data protection impact assessment which is incorporated into our product development procedure.
Our partner agreement is with our legal team for review against GDPR legislation and will be sent to partners shortly.
ICO (Information Commissioner’s Office): the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
Follow this link to the ICO website ‘Guidance: What to Expect and When’ which contains further information and advice on the GDPR and what steps organisations need to take towards becoming GDPR compliant. In particular, take a look at their document on ‘Preparing for the GDPR: 12 steps to take now’.