The way data is protected, stored and secured is changing!
The EU Data Protection Directive is still a key topic, with proposed regulations and amendments being made to ensure data is handled in a more stringent way, taking into account data procedures, accountability and data security measures.
In terms of accountability, larger organisations, defined by the EU as enterprises with 250 or more employees, will still need to appoint a data protection officer, solely focused on securing information and preventing a data breach, whilst small businesses with under 250 employees will not.
The Act is likely to require any organisation holding data to ensure that it is secured within a facility with stringent security measures. Any third parties providing data processing services should be vetted to determine that security measures are in place.
Breaches of data security will need to be notified to the regulator within a set timescale, and procedures need to be in place to respond to this. Working with the right data processing provider will help to investigate and provide this information.
Although the proposed regulation is undergoing extensive negotiation and changes, the main concepts are likely to remain. The proposed financial penalties for non-compliance are severe! Implementing some of the necessary steps now will secure a stronger position when the Directive comes into play.
Datanet can help organisations facing these issues with our highly secure hosting facility. We have fully embraced ISO 27001, addressing information security risks and implementing stringent controls to mitigate these. For more information on data processing and how to store this information securely, please contact us.
Blog by Natasha Ginn – Datanet