The General Data Protection Regulation (GDPR)

Texaport works with businesses offering GDPR consultancy.

We liaise with legal advisors to provide the most accurate guidance. The GDPR or General Data Protection Regulations came into force in May 2018 and sets guidelines for the gathering, storage and use of personal data by businesses and public bodies. The knee jerk reaction of most businesses dealing with personal data has been to purge their marketing databases and any records of personal data out of fear of prosecution.

 While the GDPR implements a new set of regulations it mostly builds on the Data Protection Act of 1998 which businesses already had to comply with and provided they were working on this or working within the scope of this Act has not required a great deal of change.

For businesses unfamiliar with Data Protection or bewildered by the volume of information concerning GDPR, Texaport offers a wide range of support including GDPR consultancy.

Our standard process around Cyber Security is a 5 step process preceded by an informal chat with our Data Protection guru.

Scope

We first look at what personal information is handled within the company

Audit

We do a thorough analysis of the data's storage, access, and management so as to bring everything in line with the Government's standard.

Report

We break down area's for improvement and needed change in your current data management environment

Implement

We help you enforce these changes and offer protocols and steps to follow going forward

Review

We re-check our initial breakdown and confirm that all points have been completed satisfactorily

The GDPR Process

The General Data Protection Regulations concern Personally Identifiable Information, or PII, and the gathering, storage and use of this by businesses and public bodies. When considering liability for personal data, or vulnerability to persecution, businesses first need to identify their processes, procedures and need for data. Texaport work with clients to complete detailed “Data Scoping” documents which help to identify, locate and “map out” Personally Identifiable Information throughout the organisation. This data can take many forms and be scattered throughout the organisation so will involve a cross-department approach to complete. Once data has been scoped throughout the organisation Texaport can work with clients to ensure GDPR compliance with the regulations.

Much like a financial audit where an auditor would investigate the accounts, inventory and processes of an organisation to ensure compliance and correctness, a Texaport audit will look into the Technical capacity of the organisation in relation to GDPR compliance.

General Data Protection Regulation FAQ

The GDPR is a Law and set of rules which are intended to give individuals more control over their personally identifiable information. This includes your name, address, credit card number, date of birth, religion and more. Any company who stores and/or uses this information for marketing, payroll or any other purpose has to comply with these rules.

PII or Personally Identifiable Information is defined in the GDPR as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

The maximum fine is €20 million or 4% of “worldwide turnover”, whichever is greater.

The scale of the fine depends on the extent and impact of  the error or breach.

Unless you have taken on specialist help in data protection there is a good chance that you will not be compliant with the GDPR.

This is an important question you will be entitled to have an answer to from all of your suppliers. These storage locations will be subject to the same regulations as the companies who have requested or use your information.

The main implications of GDPR are policy, process and software based. Hardware will factor into this when newer, more secure, software has been released which the hardware cannot run. If that software patches vulnerabilities to your secure system or prevents the compromise of personal data your hardware could cost €20 million.

The full text of the GDPR can be found here.

Or contact us for more information.

How can we help?

Cybersecurity News

We can solve virtually anything.

Key Services

We focus on four key service areas to support our clients’ business needs:

IT Support

We provide proactive monitoring, maintenance and support services for your organisation's entire IT system, saving you time, money and headaches.

Cyber Security

We are a highly accredited service provider able to support all your IT security requirements. Find out how we can help your business.

Cloud Services

We are cloud specialists. Our cloud services can significantly reduce the cost of managing and maintaining your IT systems whilst ensuring business continuity.

Connectivity

Getting your people connected is another of our key service offerings. We can put in place all your required connectivity requirements.