The GDPR (General Data Protection Regulation) is an EU regulation that will strengthen the protection of personal information.
If a company has a data breach, it could result in a fine of up to 4% of global turnover. However, Cyber Essentials is a baseline, and GDPR requires more than just basic security measures to be in place.
As a minimum you should:
- Be registered with the Information Commissioner's Office; you can be fined if you're not.
- You have a duty to report a breach within 72 hours if that breach is potentially of high privacy risk.
- You also have to provide data on a person if they request it, remove data if they want it removed and change data if they want it changed.
- Personal information includes anything that can identify a person; this includes IP addresses.
Cyber Essentials with IASME Governance is a good starting step for the GDPR.
Cyber Essentials with IASME Governance is one of the standards recognised by the UK Government and shows that you have prepared for GDPR.
Bespoke GDPR Package
As an IASME governing body, we provide packages to assist with Cyber Essentials and IASME Governance. However, we understand that some companies do not require this and wish to go for a bespoke GDPR compliance package; this can also be provided.
- Dedicated qualified GDPR Practitioner assigned to your company.
- A site visit to speak face to face with your staff to see what needs to be improved.
- GDPR gap analysis with a plan to get your company GDPR compliant in the shortest amount of time.
- Assistance in creating policies and procedures.
- Unlimited phone and E-Mail support.
Cyber Essentials with IASME Governance
- Dedicated qualified GDPR Practitioner: Assigned to your company.
- Cyber Essentials Certification: Demonstrates that you have basic security measures in place to protect your networks.
- Answering the GDPR Question Set: Demonstrates that your company manages and controls the protection of personal data and is “GDPR Ready”.
- Information Assurance: Many of these measures are required for GDPR compliance, such as access to information, training staff and assessing the risk to the business.
- GDPR gap analysis: A remediation plan to get your company GDPR compliant in the shortest amount of time.
- Creation of GDPR-compliant policies and procedures
- Unlimited phone and E-Mail support
- Automatic Cyber Insurance: £25,000 cyber attack insurance to help deal with a data breach.
- Badges for your website: Proves compliance.