The General Data Protection Regulation takes effect from 25th May 2018 and looks to strengthen data protection for individuals within the European Union. Despite our imminent departure from the EU, the Regulation will still apply to organisations of all shapes and sizes across the UK.
The primary aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time when the Data Protection Act 1998 came into force. Although the key principles of data privacy still hold true, many changes have been proposed to the regulatory policies. Some of the key principles of the GDPR, as well as information on how IT@Spectrum can help organisations to become compliant, can be found below:
Part of the expanded rights of data subjects outlined by the GDPR is the right for data subjects to obtain from the data controller confirmation as to whether personal data concerning them is being processed, where and for what purpose. Further, the controller shall provide a copy of the personal data, free of charge, in an electronic format.
IT@Spectrum provide a solution which creates a full history of every document within your organisation, available in an instant, showing who has scanned or seen it and how it has been distributed. This will ensure the information is fully auditable if a data subject makes a request under their Right to Access.
Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. The conditions for erasure include the data no longer being relevant to original purposes for processing, or a data subject withdrawing consent.
Our solution places information in an easy to retrieve format making the process of removal simple should it be required. By indexing and storing data in a secure way, we can ensure data stored in your hardware and software is safely and easily removed when this data is no longer relevant.
Privacy by design as a concept has existed for years now, but it is only just becoming part of a legal requirement with the GDPR. At it’s core, Privacy by Design calls for the inclusion of data protection from the onset of the designing of systems, rather than an addition. More specifically - 'The controller shall implement appropriate technical and organisational measures in an effective way to meet the requirements of this Regulation and protect the rights of data subjects'.
IT@Spectrum enables you to easily and accurately collect, store, retrieve and dispose of data in a secure way from the start. Our Information Management software enables documents to be digitally archived, securely stored and deleted once the legally mandated time-period has expired. Documents can be scanned and automatically saved and indexed, distributed to the correct people, and disposed of appropriately when required. Our software offers a 360 degree solution to secure storage.
Technical security measures to protect computerised information are of obvious importance. However, many security incidents relate to the theft or loss of equipment, or to old computers or hard-copy records being abandoned. Strong physical security measures will help you manage how you control access to documents, dispose of paper waste and keep equipment secure.
IT@Spectrum enforces rules and privileges relating to your documents – ensuring maximum security and control over who has access to each individual piece of information. Introduce secure release printing, control rights for staff who print and ensure that your documents are only available to print by the concerned individual.
Call our team today to discuss your needs and let us identify potential savings and opportunities across your organisation