What does GDPR consider as personal data?
• Personal Home Addresses
• Contact Names
• Personal Contact Numbers
• Personal IP Addresses
• Personal Email Addresses
• Racial or Ethnic Origin
• Political Opinions
• Religious Beliefs
• Sexual Life
• Physical or Mental Health information
• Whether the customer is a member of a trade union
• Any criminal offences
What does GDPR mean for UK businesses?
GDPR has also introduced strict penalties for companies that suffer data breaches. In the event of a data breach, businesses could be fined up to 4% of global turnover or €20 million (£16.9m) – whichever is larger.
Protecting your clients’ data is now more important than ever, but did you know there’s a little more to data protection than ensuring your business server is kept in a locked room overnight? Have you thought about how protected your cloud-based systems are? What about all your business emails, your finance software, and your historical and current paperwork?
What does it mean if your company has a data breach?
The Information Commissioner’s Office (ICO) used to be able to impose a maximum penalty of £500,000 on companies that failed to adequately protect their customers’ information.
If your business has a data breach, whether from a cyber-attack or human error, you are responsible for reporting it to the ICO within 72 hours of the occurrence. If you fail to notify the ICO within the stated timeframe of 72 hours upon discovery of the data breach, the 2% of annual turnover penalty may apply.