EACS - Effective IT for Business
0800 8047 256
United Kingdom
EACS on LinkedIn EACS on Twitter EACS on YouTube EACS on Facebook EACS on Google+ EACS on Pinpoint

General Data Protection Regulation (GDPR)
Supporting Your Journey to Compliance

Currently organisations who have operations in the UK need to comply with the Data Protection Act 1998 which regulates how personal information is used by organisations, businesses and the Government. The Information Commissioner’s Office (ICO) is responsible for the enforcement of the Act.

A new regulation, known as the EU General Data Protection Regulation (GDPR), will become fully enforced on 25th May 2018 and applies to all EU member states, along with all organisations that do business with EU member countries and organisations that store or process data relating to persons within the EU.

This increases the obligations of organisations to protect personal information that they store or process. This Regulation will necessitate significant effort by organisations (businesses and public authorities) to change their policies, procedures and data protection governance frameworks in order to comply.


Understanding The Key Changes
The scope of the existing data protection law has been expanded and now equally covers both data controllers and data processors established in the EU and the UK. The key areas of change to existing data protection laws are outlined below:
  • Fines can be levied of up to €20 million or 4% of worldwide revenue
  • Organisational accountability for the protection of personal data
  • Extended rights for data subjects—including data erasure and portable data
  • Organisational responsibilities when sharing data with third parties
  • New obligations on data processors
  • Completion of Privacy Impact Assessments (PIA’s)
  • Establishment of a mandatory Data Protection Officer (DPO) for some organisations
  • Mandatory notifications to ICO and data subject for certain data breaches
These changes require a wholesale review of an organisation’s data policies.

EACS can help ensure your organisation is ready for GDPR through a range of services from awareness and training, to hands-on restructuring and consultancy:
Education Analysis Remediation IT Security Solutions
Awareness sessions Consultancy Services Data Classification Archiving & Categorisation
GDPR Foundation Certification Big Data Analysis Services Restructuring Auditing & Monitoring
GDPR Practitioner Certification Cyber Essentials Assessment Compliance Data Loss Prevention
Cyber Essentials Certification     Device Control
      Endpoint Protection
      Firewall & Perimeter Security
      File & Disk Encryption
      Identity & Access Management
      Patch Management

Contact EACS and start your journey towards GDPR compliance. 

EACS on LinkedIn EACS on Twitter EACS on YouTube EACS on Facebook EACS on Goolge+ EACS on Pinpoint