Has COVID-19 made local government less cyber secure?
Your organisation may not be fully compliant with regulations such as the General Data Protection Regulation (GDPR) right now, but it’s important to remedy this as soon as possible.
Our data protection experts have developed some helpful tools, including a detailed checklist, so that you can be on the path to compliance in no time.
By ensuring your organisation is at minimum GDPR compliant, you’ll be well-positioned to adapt to the forthcoming data protection changes in the UK (as a result of Brexit) and elsewhere. Take California, for example: it recently introduced its own data protection legislation, the CCPA, at the start of 2020. It was admittedly modelled in large part after the GDPR, which is generally regarded as the world’s current gold standard for data protection.
1 Data protection begins with awareness
Is it really necessary for your organisation to store a large amount of personal data for an extended period? This is a question you, and anyone responsible for data protection at your organisation, should be asking regularly.
The ‘let’s store as much as possible, maybe we can use it one day’ mentality is outdated and has since given way to a culture of data minimisation. Nowadays every company must carefully consider its processing of personal data (such as collecting, editing, and storing), and review its policies regularly to adjust as needed.
As your starting point, you should only collect the strictly necessary personal data and not store it longer than is necessary for the purpose for which it was acquired. Many organisations are still struggling to manage this effectively, but it sets the foundation for proper data protection measures, so it’s important to do it this way.
Consciously dealing with sensitive personal data (according to company guidelines) prevents incidents such as data breaches. But not all breaches involve malicious hackers or disgruntled employees.
In fact, the top cause of data breaches according to the latest reports from the Information Commissioner’s Office (ICO) is simply…