The GDPR has now come into force and organisations must ensure that they achieve compliance with this regulatory requirement. With a strong track record of protecting critical information for organisations across the UK and a deep understanding of the changing data protection environment, Hollis Technology can help your business to implement and manage GDPR compliance strategies on an ongoing basis.
What is the GDPR?
The GDPR is designed to give individuals better control over their personal data and establish a single set of data protection rules across Europe. Organisations must ensure that effective GDPR strategies are in place or face fines of up to 20 million euros or 4% of annual turnover for non-compliance.
There are five key challenges:
- Rights of EU data subjects – Organisations must provide easier access to personal data, with clear and easily understandable information on processing.
- Security of personal data – Data breaches must be reported to regulatory authorities within 72 hours, and all affected individuals informed.
- Lawfulness and consent – Processing of personal data is lawful only if one of the six factors the GDPR lists applies. Consent is one of these factors, but under the GDPR, consent must be demonstrable.
- Accountability of compliance – Organisations must demonstrate compliance with the GDPR principles relating to personal data. However, many have yet to decide on the tools they need to show this proof to regulatory bodies.
- Data protection by design – Data controllers must implement technical and business measures which demonstrate compliance with GDPR core principles, ensuring the rights of data subjects are met and that only data necessary for the specific purpose is processed.
Hollis offers a range of solutions, services and expertise to help organisations ensure compliance with the GDPR. They include:
- Assessments – Whether your organisation has already started a GDPR compliance project or is preparing its first moves, our GDPR assessment service will help identify any compliance gaps and offer advice on actions required to achieve GDPR compliance.
- Data – We can help assess existing data, how secure it is, what it is used for and how an organisation interacts with customers, suppliers and partners. This is crucial for offering transparency and trust, which are required to comply with the GDPR.
- Security – Hollis can help with data protection and offer advice on proper use, notice, consent, choice, access, rectification and erasure. Additionally, we can make sure that data and security strategies are aligned, enabling IT teams to be more effective when planning for GDPR compliance.
- IT Processes – We review existing IT and data management processes and how GDPR influences them, and help organisations to manage the required changes.
- People – We provide training to help employees understand GDPR and the risks and impact of improper data usage.
- Governance – We can help organisations to translate GDPR into actions, norms and values including the measures that need to be taken and reviews of effectiveness.