IT, Data, Network and Cyber Security
At present, we have two main regulations that affect how we collect and process personal data; the Data Protection Act (DPA) and the Privacy and Electronic Communications Regulations (PECR). The DPA will be replaced by the General Data Protection Regulation (GDPR) officially and fully in May 2018.
The PECR stays but I wouldn’t be surprised if it gets wrapped up in a future update to the GDPR so, for the time being, our business activities when it comes to collecting and processing personal data, must comply with both sets of regulations and that could mean a lot of work needs doing by a lot of businesses.
But don’t panic, we’re here to help and, unless you already had a GDPR expert salesperson through the door, also help keep your costs down while you go through the transition – and beyond.
This is all about data privacy, security and protecting each and every one of us from, lets face it, the dark side of the modern world in which our entire life story is on one or more databases somewhere and we can be hacked, tricked, scammed or worse; have our entire identity taken over by someone who will stop at nothing until they have drained our bank accounts and made life an absolute living hell.
Every time some data goes missing or is used inappropriately, someone gets hurt and that is why I am fully in favour of the new rules that will, I hope, restrict what businesses (and scammers) can get their hands on and what they can do with the data once they’ve got it.
For many years, all the different EU states have had their own rules and regulations governing how data can be collected and used – and we’ve seen the mess that that has created for all of us. The GDPR is the first big step to harmonising the rules for all EU states and any business from anywhere in the world that does business with any EU citizen. Phew! About time.
Yes, that means little businesses that sell a bit of software, the Indian SEO gurus who spam our email boxes day in day out, the person in the Philippines selling expert services for a fiver – right up to the likes of Apple, Vodafone, BT, Facebook, Microsoft, eBay and Google. Compliance is not an option just because they are not based in the UK or EU.
Brexit won’t make any difference either and nor should it. We need to be in this and we need to stay in it. We need to police it, rigorously and enforce it to the letter to protect each and every single one of us from scams, spam, fraud and all the dangers that have made headlines (and many that snuck under the radar) over the last couple of decades.
The guidance provided on this website or in any subsequent communication does not constitute legal advice. Lincolnshire IT Limited’s interpretations, observations and recommendations are based on data protection and privacy good practice and the practical, operational, implications of the GDPR as we interpret them.