Vogal Design - GDPR News

Vogal's Blog

Vogal Design's GDPR Journey

Shaun Breeze

16/01/2018     10:25am

What is the General Data Protection Regulation?

The General Data Protection Regulation (GDPR) is the European Union's new legislation to protect the personal data of EU citizens, organisations must be compliant by 25th May 2018. It comes in place of the 1995 Data Protection Directive (DPD) and, prior to Brexit, would have led to the UK implementing a new act in place of the existing Data Protection Act 1998. The GDPR incudes new and updated responsibilities for data controllers and processors.

Businesses trading within the EU need to demonstrate compliance with the GDPR when handling personal data.

The GDPR is a binding legislative act that applies in its entirety throughout the EU and creates a framework of consistency for the protection of personal data.

What are the key changes?

  • Secure free flow of data between EU states by harmonising data protection.

  • GDPR introduces stricter protection laws with a two-tier fine policy.

  • Organisations given increased liability for personal data they control and process.

  • Data controllers will be required to provide an accessible and detailed record of how data is used, where and by whom.

  • Individuals will have statutory 'right to be forgotten' if a data controller cannot provide a legitimate reason for keeping their data.

  • Individuals will have a 'right to portability' meaning they can request data from an old controller in a readable format, and move it from one provider to another.

  • Data processors will be regulated under the GDPR, they will need to work closely with data controllers and:

  • Maintain detailed records of processing operation and activities

  • Implement appropriate security standards

  • Carry out data protection impact assessments (PIA's) for high risk projects

  • Appoint a data protection officer (where necessary)

  • Co-operate with national supervisory authorities and comply with rules on international data transfers

Vogal Design, securely handle data on behalf of clients in order to provide hosting and cloud system services. We also process client data in order to provide a number of hosting, analytics, and communication and digital services to a range of customers.

We're serious about GDPR and getting it right, but we also want customers to be aware of what is involved, how it will further protect them but also what they can learn from us that can support them with their GDPR delivery.

Thanks for reading
Vogal Design