GDPR FILE TRANSFER
Most organisations will handle personal data in some way so it’s essential that you’re clear on GDPR File Transfer legislation. Taking the right steps towards compliance will avoid breaches and the risk of hefty fines.
GDPR is the new EU regulation for handling personal data. It stands for ‘General Data Protection Regulation’ and comes into force on the 25th May 2018. This stringent set of security measures relate to how and where personal data is collected, handled and used. By reinforcing individuals’ rights and giving them back control, it’s hoped GDPR will restore confidence and strengthen the EU internal market.
GDPR impacts data transfer and file sharing processes and systems significantly. Reviewing these should be one of your first steps towards GDPR compliance. Systems are quick to implement and address several requirements simultaneously.
KEY GDPR FILE TRANSFER LEGISLATION FACTS
GDPR comes into full effect on the 25th May 2017 and there will be no grace period.
Personal data means any data that makes a living person identifiable, whether directly or indirectly. The sensitivity of the data matters too.
Breaches could have serious consequences. Fines for the most serious breaches could reach €20 million or 4% of the organisation’s Global Annual Turnover, whichever is greater.
GDPR does not just apply to countries in the EU and European Economic Area (EEA) EEA. Organisations holding or using data about any citizen from an EU or EEA member state will need to comply.
Brexit makes no difference when it comes to GDPR. Britain will still be part of the EU when GDPR comes into effect and the UK Government will have an equivalent regulation in place.
GDPR contains 99 separate articles, covering all aspects of data protection. Data Protection Officers will need to review file transfer systems, call systems, anti-virus systems, data classification and data loss prevention systems, policies and training, among other things.
NEXT STEPS FOR YOUR FILE TRANSFER PROJECT
The technical experts at Pro2col have developed resources and services to help you.
Our White Paper is an essential read for organisations wanting to review their data transfer and file sharing systems and processes to make sure they comply with GDPR.
Pro2col’s GDPR Advisory Service offers pre- and post-implementation planning options, depending on which stage your organisation is at.
This blog post outlines your data transfer logging and reporting responsibilities under GDPR Article 30, plus recommendations to stay compliant.
This article looks at encryption in transit for GDPR. It’s the second in our series of blog posts about GDPR and data transfer.