Author Gary Hibberd
The General Data Protection Regulations (GDPR) promises to be one of the biggest changes in Data Protection laws in over two decades. A good indication of the size of the change is just how many people are talking about it.
If you’re not aware of the core details by now, I suggest you take a look at the ICO’s website, or check out people such as David Henry , Ian Grey , Emma Butler and the GDPR Awareness Coalition . These are people offering genuinely interesting insight and helpful advice on the topic (there are others too!)
About Agenci and my approach
What we need is good, solid and honest conversations/guidance that explains what we need to take to evidence compliance (italics intentional).
Over the coming weeks I’m going to explain our approach to this topic in context of Cyber Security, Security frameworks, Hacking and general good practice. With your help, and those named above I’m going to share insights in to the right (and wrong) approach to achieving better data security.
I’m going to do this by writing in my style (some love it – some hate it. But it is my style). I’ll point you to helpful resources; blogs, articles, webinars/seminars and events so that you are better prepared to evidence compliance.
I don’t believe you can ‘achieve’ compliance to GDRP. You aren’t going to get a certificate on your wall after you buy a product/service. No one is coming on the 25th May 2018 to ‘audit you for compliance’. What you need to do is to evidence that you have taken reasonable steps to meet (comply?) with the law.
Your core ingredients today are;
- Put GDPR on the Board agenda
- Create a project plan
- Start today
I’ll see you soon.