Data and IT security should be on the radar and agenda for every business. It is one of the most complex and widespread problems we are currently facing in the use of communication and information technology and covers the full spectrum of government, businesses and our daily life.
The scope of Data and IT security is recognised as a specialist area. Best practices, guidelines, and frameworks like ISO 27001/27002 are helping businesses to get a holistic view of this matter. However, dealing correctly with Data and IT security will affect your organisational behaviour and structure, technical infrastructure, systems and staffing.
There is no silver bullet; there is only the road of continuous improvement.
A key element of Data and IT security is the continuous protection of personal data. The privacy of personal data (which can also be held in written files) must be protected against misuse and theft. This privacy protection is one of the regulated steps to be taken, under what is known as the General Data Protection Regulation (GDPR).
What does it mean for our members?
BASDA members are very familiar with the implications of Data and IT security.
Most of our members develop and maintain software, run IT infrastructure and service their customers with IT solutions.
They need to incorporate Data and IT security into their organisation, products and services and continuously develop and govern this.
Data and IT security is part of the business and requires, besides management commitment and technology investment, cultural change.
Prepare for GDPR
GDPR will come into force on 25 May 2018, when the UK is likely to still be in the EU.
To be compliant requires timely preparation.
- Start to consider which parts of your operations are established in the UK and may be affected by proposed changes.
- Identify personal data flows from the European Economic Area to the UK.
  - If the UK also leaves the European Economic Area at the time of leaving the EU, flows of personal data from the European Economic Area countries to the UK will become prohibited without new adequate safeguard measures being adopted.
- Identify your UK establishments which monitor the behaviour of, or offer goods and services to, citizens in the EU/EEA.
  - Such UK establishments may be subject to GDPR despite Brexit due to the new territorial scope of GDPR, which extends beyond the EU.
- Monitor the UK data protection authority’s statements on Brexit, GDPR and how to remain compliant – current ICO guidance is to continue to prepare for GDPR.
- If your main EU establishment is currently in the UK, consider where your No. 2 establishment in the EU is based, as that is likely to be where your lead EU data protection supervisory authority will be located under GDPR.
- Consider with expert input how best to marry your UK compliance programme with approaches which also appropriately anticipate sensitivities and requirements from your expected lead data protection supervisory authority.
- Check for relevant developments at regular intervals and keep your plans up to date accordingly.
Commitment from BASDA
We continue to actively understand Data and IT security requirements and GDPR related issues and to keep our members informed accordingly.
With solution-oriented recommendations from members and partners, we will share our views, solutions and experiences.
We are committed to helping our members achieve the best result for their business and customers.