Legal practice and business I.T data protection
RES Info-Tech offers GDPR consultancy and assists law firms and businesses in meeting those legal obligations too. 'Thrive2Distinction' is our process consultancy brand, with a specific qualification in Data Protection Compliancy.
GDPR applies to all controllers and processors of data to which, all businesses MUST comply. Compliance comes into effect on 25th May 2018. If your are a processor, the GDPR does place a specific legal obligation upon you. Therefore you will have a significatly higher legal liability for any data breach.
GDPR applies to the processing of Personal Data and Sensitive Personal data.
All legal practices should start preparing now!
How will GDPR affect you and your legal practice?
The government are taking a no nonsense approach to the data protection and this includes the law society. So why should any other business be any different? The 1998 DPA Act has been omissing new technologies from its compliance laws. Now, with social media, online services, USB and external storage devices, phones and a vast exchange of personal data in most transactions, all businesses, including legal firms must protect customers and suppliers data at all times. As a result GDPR has been created.
The definition of personal data includes information as specific as an online identifier, such as an IP address. Not just a date of birth. GDPR relates to HR records, contact details, customer and supplier lists and email addresses used in marketing campaigns. As businesses scan Passports, driving licences and utility bills to prove identities, data must be stored securely, and backed up.
Sentive Personal Data:
GDPR relates to sensitive personal data for example: These include genetic data, and biometric data used to uniquely identify an individual. You may not think this matters to you, but how many of you open your smart phone with a thumb print?
Be under no illusion, GDPR enforces compliancy to protect the consumer and the fines for data breaches are extremely high:
Up to 10 million Euros, or 2% of the worldwide annual revenue for the previous financial year, which ever is greater.
Up to 20 million Euros, or 4% of the worldwide annual reveneue of the previous financial year, which ever is greater.
What to do?
It is wise to find out what your legal obligations are:
How can Thrive 2 Distinction help?
With over 30 years in commercial Information Technology and data services consultancy, we will be able to offer a full GDPR consultancy.
We will provide a compliancy audit within your business which will include:
- Current data protection within your I.T systems
- Level of security upon the data being held by your business
- Data backup, routine inspection
- Business continuity plan inspection
- Disaster recovery plan inspection
- Office and departmental data processes review
- Email and electronic communication review
- Online presence review (Facebook, Linkedin, Twitter, web etc)
- Mobile technology data protection process
- Personal and Special personal data process consultancy
- Right to store and data erasure policy consultancy (right to be forgotten).
Each audit will have a post inspection review to assist in areas of improvement or legislation failure. We can work with your staff and departments to ensure processes or procedures are implemented to meet compliance. Our consultant can provide a full one day consultancy, or be available to work with your teams for longer periods of time during projects.
Thrive 2 Distinction can take appointments today. Please contact us on 01702 480281 or contact our consultant directly, below.
What does GDPR Consultancy cost?: