What is it? and how can Caseva help?
What is GDPR?
The general data protection regulation is the newest piece of legislation from the European Union. It has been constructed to help bring the previously outdated UK data protection act of 1998 up to speed, recognizing new threats and the previous shortcomings of the previous act. The new GDPR will be active from the 25th of May, but that does not mean you can sit around waiting until then, the time to act is now. New GDPR regulation has been put in place for many different reasons, but one main aimis to ensure the safe processing and storage of individual’s information. The responsibility expands the rights of individuals to control how their personal information is collected and stored by organizations and companies. In turn, this adds pressure to small and large companies to make sure they are complying and protecting individuals and customers as effectively as possible. No longer can your information be passed around and shared freely, and companies now have to take every and any precaution necessary to prevent a leak of data or any personal information.
Another new aspect of the GDPR is that consumers and customers now have the right to be forgotten. This means if you contact a company requesting them not to email or call, or store any of your personal information, they have to honor this.
If you are a company storing data, you will need to have the appropriate security measures in place, whether its a physical item, or data encryption for any computer stored information. Come the 25th of May, you will be expected to be able to demonstrate how you are upholding the new GDPR regulations.
How Can Caseva Help?
In the modern age we live in, most of the new GDPR is mainly applicable to electronically stored data. But depending on your scale of company you may still have actual physical data at your premises which needs just as much care as any other data. Whether transporting documents, or simply storing files at your place of work, you should be taking every step necessary. With our 20 years working with police forces and the like, we have fine-tuned our products to be the best in file security and transportation.
For your online or computer files, we at Caseva recommend taking the appropriate steps to make sure your computer is correctly protected from any threats, whether it be a hack, or installing enough security measures to prevent any access to stored information. You can do this by attaching the appropriate encryption and anti-virus software. Another great way of storing your electronic data is by placing it on to a hard drive, which in turn, can be stored in a locked container or safe. If you are found to be not installing and upholding the new regulations and guidelines, then be prepared for a hefty fine.
Here are a few of our products that can directly help you with physical data storage and transportation. All of these products come with a security tether, which allows the user to safely anchor their case to a physical item offering an extra level of peace of mind.
Caseva Products - Document Security
What aspects of data will fall under the new GDPR?
Any information relating to a person that can be used directly or indirectly to identify that person.
- Full name, email address, date of birth, IP address / website cookies
- Purchases, downloads, subscriptions and services used
- Questions and responses, promotions used, survey responses
- Financial history, banking/credit, payment transactions and donations
- Healthcare and education services used
- CCTV recordings, gender identity, location data, credit card data
- Judgements/sanctions, government services
- Internal account numbers, pins and passwords, IMEI’s, National insurance number
- Driving license number & passport number
GDPR Highlights Data protection Principles:
Personal data must be processed according to the six data protection principles.
- Data is processed lawfully, fairly and transparently
- Data is collected for specific legitimate purposes
- Adequate, relevant and limited to data that is necessary
- Data must be accurate and kept up to date
- Only stored for as long as is necessary
- Ensure appropriate security, integrity and confidentiality.
Accountability & Governance:
You must be able to demonstrate compliance with the GDPR:
- Keeping a detailed record of how all your data is processed and managed.
- Data protection impact assessments (DPIAs) for high risk processing operations.
- Implementing appropriate measures to secure personal data, physical and non.
- Staff training and making staff fully aware of GDPR.
How you can prepare:
Depending on your scale of company some of these features will be more appropriate than others:
-Educate your board/trustees/governors on governance and accountability.
-Get a budget
-Get support from an expert
-Get your staff trained
-Make sure all physical data is protected and secure at all times
-Prepare for a wide range of eventualities with regards to potential transport
-Activate virus scanning and malware detection software
-Use encryption tools such as bitlocker and file vault
-Use 12+ character alphanumeric passwords
-Don’t send emails containing PII
There is a lot of information to process with regards to new GDPR, and depending on your company or organization, different aspects of the law will affect you differently. We recommend checking out DPO Centre, where a lot of the information in this page was obtained from. They have a full breakdown of the new regulations, allowing you to make informed decisions.
If you have any further questions regarding GDPR or how Caseva can help you, please feel free to email or call us and we will be happy to answer any questions we can.