
GDPR: Bridging the Gap

By Harshini Carey, Regional Director – Neupart UK

Even though the GDPR deadline is looming, it’s important that organisations don’t neglect their other information security practices. Chances are that you’ve been following best practices and internationally recognised standards up until this point and GDPR shouldn’t change that.

The problem seems to be that many companies see GDPR as yet another regulation that they’ll need to comply with. But as the ICO has stressed, the GDPR is not a revolution in data protection regulations; it’s an evolution. We’ve had regulations such as the Data Protection Act for a while now. The GDPR is simply an update that will ensure a better treatment of individuals’ personal data.

Don’t Think Big, Think Smart

Rather than wasting resources by running data protection and information security management on two parallel tracks, build data protection upon your existing information security measures, because the two have plenty in common.

For example, one of the things that the Data Protection Regulation emphasises is that you assess the most immediate threats to your organisation and build your data protection program around them. This is the same kind of threat-based method that the ISO 27001 standard promotes. So if you’ve been complying with the ISO 27001 standard, you’re already well on your way to complying with the GDPR.

In fact, the better you maintain your current safety standards and procedures, the closer you are to GDPR compliance. That’s why it’s so important you don’t approach GDPR as a project that needs to be built from scratch. Rather, carry out a gap analysis, figure out where you stand in relation to the new regulation, and then simply bridge the gap.
