The General Data Protection Regulation EU 2016/679, or GDPR for short, came into force across all EU Member States on 25th May 2018. It affects the processing movement of the personal data of approximately 500 million EU citizens. GDPR describes and regulates how and why personal data should be processed and used by organizations.
GDPR considers personal data to be any information relating to an identified or identifiable natural person. Both data controllers (the data organization that determines what, how and why personal data is processed) and data processors (any organizations processing data on a data controller’s behalf) are directly subject to, and required to comply with, the GDPR. Those organisations must ensure their processing of personal data complies with the data protection principles and uphold the rights of the individual.
Companies that infringe the GDPR provisions (e.g. regarding the GDPR principles, the rights of the data subject, etc.) or fail to comply with the GDPR (for example by failing to notify a personal data breach or failing to implement appropriate technical and organizational measures to protect personal data) risk significant financial penalties.
Simply Secure will help you navigate the regulations to be compliant with the framework and offer a range of services that incorporate GDPR requirements including security monitoring, penetration testing, security assessments and training.
Let our experienced team help you through the process as your business partner.