With a strong track record of protecting critical information for organisations across the UK and a deep understanding of the changing data protection environment, Hollis Technology can help your business become GDPR compliant by May 2018.
What is the GDPR?
GDPR is designed to give individuals better control over their personal data and establish a single set of data protection rules across Europe. It has been widely reported that over 50% of organisations in the UK will not be GDPR compliant by May 2018 unless they make significant changes to how they operate. With fines of up to 20 million euros or 4% of annual turnover, organisations must act now to become GDPR compliant.
There are five key challenges:
- Rights of EU data subjects – Organisations must provide easier access to personal data, with clear and easily understandable information on processing.
- Security of personal data – Data breaches must be reported to regulatory authorities within 72 hours, and all affected individuals informed.
- Lawfulness and consent – Processing of personal data will be lawful only if one of the six factors that the GDPR lists is adhered to. Consent is one of these factors, but under the GDPR, consent will become even more difficult to demonstrate.
- Accountability of compliance – Organisations will be expected to demonstrate compliance with the GDPR principles relating to personal data. However, many have yet to decide on the tools they need to show this proof to regulatory bodies.
- Data protection by design – Data controllers must implement technical and business measures which demonstrate compliance with GDPR core principles, ensuring the rights of data subjects are met and that only data necessary for the specific purpose is processed.
Hollis offers a range of solutions, services and expertise to help support the journey to GDPR readiness. They include:
- Assessments – Whether your organisation has already started a GDPR compliance project or is preparing its first moves, our GDPR assessment service will help identify any compliance gaps and offer advice on actions required before May 2018.
- Data – We can help assess existing data, how secure it is, what it is used for and how an organisation interacts with customers, suppliers and partners. This is crucial for offering transparency and trust, which is required to comply with the GDPR.
- Security – Hollis can help with data protection and offer advice on proper use, notice, consent, choice, access, rectification and erasure. Additionally, we can make sure that data and security strategies are aligned, enabling IT teams to be more effective when planning for GDPR compliance.
- IT Processes – We review existing IT and data management processes and how GDPR will influence them, assess the impact, and help organisations to manage the required changes.
- People – We provide training to help employees understand GDPR and the risks and impact of improper data usage.
- Governance – We can help organisations to translate GDPR into actions, norms and values, including the measures that need to be taken and reviews of effectiveness.