Massive GDPR Fines
The massive fines issued by the ICO to BA and Marriott in the last week (£183 million and
£99.2 million respectively), have brought data protection and GDPR back into sharp focus for many companies.
In the run up to the new legislation becoming law in May 2018, many companies put massive effort into ensuring compliance, but since then many have lost momentum when nothing seemed to have really changed.
These new fines highlight the importance of ensuring that your data processing activities are lawful (privacy by design), but also secure (security by design). Many companies have updated their business practices to take into account the first element, by gathering enhanced consent and revising business processes, but too many are not considering the security of their systems and adopting an "it'll never happen to us" approach.
If you handle personal data as part of your business it is essential that you consider the security of the systems you use to process it. Factors such as: shared passwords for access to systems, insecure passwords, inability to control or report on who has shared data and with whom, can leave your business at risk.
If you recognise any of those practices within your business, or if you are not sure if your systems are secure or not, get in touch with Johnson IP Technology. Be it through the application of new systems, applying enhanced security to existing systems, or by process consultancy, we can help.
Get in touch today at firstname.lastname@example.org or on the phone 020 3670 2039.