Are you prepared for GDPR?

What is GDPR?

On 25th May 2018, the General Data Protection Regulation (GDPR) is due to be enforced. GDPR will apply to all Companies worldwide that collect, process and store Personal Identifiable Information (PII) of EU Citizens.


GDPR will supersede the previous Data Protection laws and include new and more detailed protection legislation for Personal Identifiable Information (PII).

What are the risks of not complying?

Non-compliance with GDPR can result in a fine from the ICO, the UK’s independent body set up to uphold information rights. There are two levels of fines you could face. The first is a fine up to €10 million or 2% of the Company’s global annual turnover, whichever is higher. The second is a fine up to €20 million or 4% of the Company’s global annual turnover of the previous year, whichever is higher. The fines have been made substantial to ensure Companies comply with the regulation.

Key Principles of GDPR

► Data is processed lawfully, fairly and in a transparent manner.

► Data is collected for specified, explicit and legitimate purposes.

► The purpose for data must be adequate and relevant.

► Data should not be stored for longer than necessary.

► PII is protected, ensuring it is secure.


Source: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

How can Oakford help?

We provide two Professional Service Packs to get you prepared for GDPR.


Technical Audit

This service will help you understand what PII data you hold, where it is stored and who you share it with.

We will evaluate your technical controls to identify areas at risk of a data breach.


► Conduct a digital information audit

► Gain visibility of personal data stores, across both internal and externally hosted systems.

► Identify network and system vulnerabilities.

► Pass/Fail report with recommendations.



GDPR Readiness Review

Our GDPR Readiness service will help you evaluate where your processes and systems stand across all areas in relation to the new GDPR guidelines. We will also provide awareness training to your staff.


► Identify vulnerabilities

► Improve data life cycle management

► Gain visibility of your data flows

► Gain better insight into strategies to protect personal data

► Reduce privacy-related risks and associated data breaches

► Improve efficiencies related to processes, systems and controls

► Identify areas for contractual updates with third-party providers.

Do you need help with GDPR?