GDPR
Ensure you stay compliant with government regulation
General Data Protection Regulation, or GDPR, came into effect on the 25th May 2018, and it enshrines in EU law an individual’s right to data privacy. The regulation will still apply to the United Kingdom when it leaves the EU, and all UK companies must be compliant. Micro Pro have a team of experts ready to help you achieve GDPR compliance, and create a strategy to remain compliant in the future. Each of our clients is assigned a dedicated data privacy consultant to ensure the process of planning and implementing a GDPR strategy is as streamlined and easy as possible. We can also offer ongoing support to your organisation’s nominated Data Protection Officer, and audit new systems as they are added to your infrastructure. We believe compliance should be straightforward, so why not take the headache out of GDPR and call us today?
- Our team of experts have in-depth knowledge of GDPR requirements
- Dedicated data privacy consultant
- Competitive pricing
- Priority service available
Achieving GDPR Compliance
There are seven key principles of GDPR, and there are a number of practical ways in which a company needs to be compliant. Broadly, these can be broken down into the following key areas:
Personal Privacy
Individuals have the right to access their personal data, correct errors in their personal data, have their personal data deleted, object to the processing of their personal data, and export their personal data. Systems and processes must be put in place to facilitate this.
Security & Internal Control
Organisations are required to take all reasonable measures to protect personal data. GDPR technical requirements vary depending on data processing activities, but some measures apply to all organisations. Systems must be hardened against attack and password policies implemented and enforced. If a data breach occurs, the relevant supervisory authority must be notified within 72 hours. Consent must be obtained for processing data, and records detailing data processing must be kept.
Policies
Organisations are required to provide clear notice of data collection, detail data processing purposes and use cases, and define data retention and deletion policies.
Training
A Data Protection Officer (DPO) must be appointed if you are a public body, or if you carry out certain types of processing activities. All employees involved in the control or processing of personal data should receive appropriate training.
- Protect an individual’s personal privacy
- Protect personal data held within the company
- Train nominated privacy personnel and employees
How Micro Pro Help With GDPR Compliance
Micro Pro’s expert GDPR services start with a thorough GDPR audit and GDPR risk assessment of your existing systems and processes. Servers, desktop machines, laptops and other devices are all checked for security, data processing is assessed, and policies are reviewed. We will provide a full report and make recommendations that may include improved security such as next-generation firewalls, two-factor authentication, active threat detection and more. We will help you implement changes to your marketing activities to bring them in line with GDPR requirements, including personal data collection, retention policy and mechanisms, and data deletion. We will also provide training where appropriate, enabling employees to adhere to policy and recognise threats to data security in the form of malicious emails, social hacking, and other forms of attack.
- Audit existing systems and processes
- GDPR compliant marketing
- Security and Disaster Recovery