General Data Protection Regulations (GDPR)
On 25 May 2018 GDPR came into force to give data protection legislation a much needed facelift. Whilst the basic principles of data protection remain unchanged, the Regulations provide greater rights for individuals and a say in how their data is used and stored.
The Regulations focus on transparency, in being open and clear about the reasons for collecting and processing data and who that data might be shared with. A further focus is on accountability, in being able to demonstrate awareness of the general principles of data protection, and compliance with them by ensuring adequate risk assessments are carried out and measures put in place to ensure data security.
The financial penalties for large scale data breaches have increased significantly to a maximum of £18 million or 4% of turnover, whichever is greater.
Here at Zeva we have undertaken an in depth review of our data processes in order to identify any risks and have put a number of measures in place to ensure data security and compliance with GDPR, ranging from the implementation of several policies to seeking assurances from those we engage with that they have adequate measures in place, and much more in between.