GDPR Week 1 – Easy Wins and ICO Registration

GDPR Easy wins for all small businesses that hold personal data to some degree. For some, this could be employee information. For others, it could be a client database rich in personal information about its customers. Whichever category you fall in to, we are all likely to need to do some steps to prepare for the new General Data Protection Regulation coming in to force on the 25th of May 2018.

As part of our effort to minimise the burden of technology, we want to offer help and advice to prepare your IT systems for these new changes.

Over the next few weeks, we will be sharing what we have been learning on our way to ensuring our own EU data protection GPDR compliance. We’ll start with the easy wins because who doesn’t like an easy win!

Easy Win 1 – Register with the ICO

This week we were informed by a business partner that only 9% of UK businesses registered with the Information Commissioners Office (ICO), a staggeringly low number of companies.

Not everyone would consider themselves as a data controller but if you process any personal information you probably are and should be registered. It’s simple to check by following the steps at this link https://ico.org.uk/for-organisations/register/.

As an aside note, the Information Commissioners (ICO) website is full of information on GDPR and worth a read through if you have time.

Easy Win 1 – Quick and simple to sort, no outside help required and in the most part cheap too!

Easy Win 2 – Machine Encryption

Full machine data encryption has become more comfortable with modern operating systems like Windows 10 Professional (BitLocker) or Mac OSX (FileVault). Encrypting your computer means that someone has to have a unique password (or encryption key) to peek at its contents should they get access to your physical hard drive.

It is common to download files and attachments to your PC, and these will often contain some form of personal information. Keeping control and knowledge of where these files are is very difficult on any network. By encrypting the whole machine, you can cover all data on a PC in one go and so saving you time and effort (that’s a hidden easy win!).

We recommend that all of our customers encrypt their computer hard drives as this will significantly mitigate the risk if a machine is lost or stolen. Incidentally, personal data that is stolen or lost should be reported as a breach to the ICO under the new general data protection regulation 2015 rules within 72 Hours!

We Do Your IT are happy to help you enable this protection, give us a call to find out more.

Easy Win 2 – Easy for us to sort for you if you don’t have the time or skills to sort yourself!

Easy Win 3 – Web Contact Forms should have SSL Certificates

We all probably submit our personal information on a website fairly regularly without overthinking about it. However, if you own the site and it has a contact us page where you collect personal information such as Name, Address or Email address you should have an SSL certificate to ensure the captured data from your potential customer is encrypted.

This feature is available for all of our We Do Your Hosting Customers for £5 + VAT per month. We manage everything for you including any renewals so it couldn’t be simpler. If you are interested in adding this to your website, just let us know, and we will get it done.

Easy Win 3 – Cheap and straightforward for us to sort for you!