Coming into force on the 25 May 2018, GDPR is applicable to all businesses with an established presence in the EU, regardless of where in the world the data is held or processed. The regulations introduce tougher fines for non-compliance and breaches in data protection, and put the onus and accountability onto companies for data safety. There is also a requirement for organisations to demonstrate compliance with data protection from the outset. Businesses that are unprepared for the new regulations risk potentially catastrophic fines for non-compliance of up to €20 million, or 4% of their global turnover, whichever is higher.
The new GDPR solution from Hill Dickinson, The Compliance Foundation and Xyone Cyber Security will enable companies to get ready for GDPR, offering them direct access to a “one-stop shop” for all their GDPR requirements via a new portal. Key benefits include:
- an online self-assessment tool to help a company identify its GDPR needs
- a repository of online advice and guides for firms with simple requirements
- access to specialist GDPR programme resources and tools for businesses with more complex needs
Together, the combined expertise of Hill Dickinson, The Compliance Foundation and Xyone Cyber Security will enable companies to achieve GDPR compliance by:
- navigating the new legal obligations to be imposed on data control and processes
- clarify what should be included in all their data processing agreements
- protect their data and the infrastructure and applications that support it
Recent high profile data breaches such as Three Mobile have highlighted the adverse impact that companies may suffer after such incidents. The new regulations will significantly increase the negative impact of these types of breaches on a company’s reputation, as large fines may be issued.
Commenting on the new service, Mark Weston, partner and head of information technology, intellectual property and commercial at Hill Dickinson, said:
'The new GDPR legislation has significant implications for all organisations and how they manage their data. Everyone, from SMEs to large enterprises, must act to ensure compliance by May 2018, as the regulations will introduce new conditions that must be met for the processing of personal data to be lawful. Our new partnership with The Compliance Foundation and Xyone Cyber Security gives businesses the legal, compliance and IT tools to meet this challenge all in one place. We believe this offers a simple, easy-to-access solution to a complex regulatory change.'
Stephen Robinson, CEO at Xyone Cyber Security, comments:
'GDPR represents a significant increase in the data security obligations on businesses. Some companies will need to upgrade or improve their technology systems, management and security arrangements, on top of the legal and compliance requirements. We look forward to working with our partners to help organisations navigate the new requirements.'
Rick Freeman, Executive Director at The Compliance Foundation, comments:
'GDPR will increase the number and complexity of compliance policies and processes firms need to have in place, including enhanced reporting obligations, tighter deadlines, and tougher penalties for failure. Many companies face a significant administrative burden to ensure compliance with GDPR. Our one-stop solution with our partners provides an ideal service for businesses worried about meeting the new requirements next year.'
Find out more about our 360 GDPR solution.