GDPR Compliance
What is GDPR, main features & what makes our solutions compliant
In May 2018, one of the most significant changes in regulation of data protection and privacy will take effect – The General Data Protection Regulation (GDPR).
The European Parliament, the Council of the European Union and the European Commission proposed legislation (Regulation (EU) 2016/6790) to strengthen and unify data protection for all individuals within the EU.
On May 25th, 2018, this legislation will become law. Its intent is to ensure that organisations include privacy in their security strategies and to make them more accountable to their customers.
Synel can help you tick all the GDPR data-related boxes, introducing…
- Ability to store documents including agreements and consent details
- Complete management of “Right to be forgotten”, including backups
- GDPR compliant reporting
- Ability to extract all data for a SAR request
- Highly secure and PEN tested cloud solution
Key Features of GDPR Compliance
Individual’s Consent
With a view to protecting individuals and making them more aware of what companies are doing with their personal data, the GDPR law strengthens consent. On top of multiple obligations as well as exceptions, it is now up to the companies that deal with data to demonstrate that they have collected the consent of each individual before any use.
Designed Privacy
Privacy considerations must be built in everywhere. Treat data privacy as a real responsibility and design your processes correctly from the beginning. Furthermore, only data strictly required for a stipulated purpose can be used.
Data Portability
Individuals will have the right to move, copy or transfer personal data, even to a competitor. This measure aims to put power back into people’s hands concerning the treatment of their personal data and to promote healthy competition.
Fines & Penalties
The UK Government and Information Commissioner’s Office (ICO) can impose fines and penalties on companies that infringe the GDPR law. According to recent research, cyber-attacks and data breaches can cost businesses from $14.00 to $2.35 million per incident.
Use of a Data Protection Officer
The Data Protection Officer can be an employee or a service contact, and he can inform and advise on the implementation of a general governance policy for your data. He will be able to secure and protect personal information owned by the company.
Accountability
Accountability is defined by the ICO as “the obligation for companies to implement internal mechanisms and procedures to demonstrate compliance with data protection rules”. This includes training of employees, security reports and tests.
Certification and Security
Data security is always at the centre of data breach cases and cyber-attacks. GDPR imposes a global security obligation on companies but also on their consultants. This is why certifications and labels will be a major advantage and a mark of trust for companies. The designed privacy of a service may be, for example, the subject of a certificate.
Data Transfer
Basically, this law covers EU businesses, plus those who process data for them, even outside the EU. Every data transfer out of the EU is normally forbidden. However, exceptions exist for certain kinds of transfers. Special contracts with non-EU countries can be verified by EU authorities to allow those transfers.
Data Breach Reporting
In case of a sudden data breach, data controllers must inform local supervisory authorities, such as the ICO in the UK, within 72 hours of becoming aware. In serious breaches, individuals must be informed too.
Synel UK compliance of solutions & services
When you are working with Synel UK, you can be sure that all versions of Synel UK products and services released in 2018 and later are GDPR-compliant. With Synel Software Solutions, you can be at ease that you meet all the latest GDPR regulations.
For more information, please contact us at [email protected] or book a consultation online.