If you are wondering what GDPR stands for then you are almost certainly not ready for this key change of law which is coming your way.
The GDPR is the General Data Protection Regulation which is an EU piece of law which will essentially enhance your responsibilities in regard to data protection. Regardless of Brexit, this new law will come into place in the UK in May 2018 and now is not too soon to start thinking about how it will affect you and your business.
You already have data protection responsibilities and this is a good opportunity to ensure you meet those current rules. For example, do you have the required privacy notice on your website which tells your website visitors who you are, what information you collect from their visit and how you use it? If not, you need one and will definitely need one when the GDPR comes in as even details such as the visitor’s IP address will be confirmed as ‘personal data’.
You can get more information from the Information Commissioner website, perhaps starting with their 12 point checklist:
Preparing for the General Data Protection Regulation (GDPR) 12 steps to take now
On average 55 vulnerabilities are identified daily.
What can I do?
Review your organisations priorities and ask ‘can we afford a breach?’. What do I do during an incident? Who do I involve? When do I involve the ICO?
If you’re unable to answers these questions, you need help from the experts.