GDPR has changed the way all UK companies store and manage their business and personal data including employee data with the intent of strengthening and unifying data protection for all individuals. It gives people more control over how their personal data is used, and it provides businesses with a simpler, clearer legal environment in which to operate.
The Information Commissioners office (ICO) now has the ability to issue much larger fines for data breaches and non-compliance than under the DPA which is spurring many companies into action. But we believe GDPR should be seen as a great opportunity to get your organisations data and processes in order by following best practice.
Organisations need to start by understanding their own data – what data they have, how they are storing it, how they use the data, and why they are keeping it and in turn carry out a risk assessment on that data. Data includes information you hold about your staff, your clients or service users and potentially, data that you might store on behalf of clients through services that you provide to them. Once this review is complete, you should update your internal information security policies to ensure you are taking appropriate steps to protect the information, and are using it in a way that wouldn’t be a surprise to the individuals concerned.
“We trust ramsac as our IT partner, they offer a well-targeted and cost effective alternative to a big in-house team and we would recommend them to any small business with similar IT needs to us.”Read the case study
“We can be confident that should an issue arise it will be identified and dealt with swiftly, quite often without our prior knowledge, by an expert who knows exactly what we have, how it works and how to resolve it with minimum or no impact on the business.”Read the case study
“ramsac has provided us with full IT support over the past few years and we have come to rely on them heavily for the smooth running of our IT environment. They really have taken the stress out of IT for us with their proactive rather than reactive approach”.Read the case study