Table of Contents
UK GDPR law, or General Data Protection Regulation, came into effect on May 25th, 2018 – bringing with it a raft of comprehensive changes to the law surrounding the safe and correct handling of personal information by companies and businesses. Though the regulations can seem inaccessible from the outset, the principles are simple – and training your staff on those principles could be crucial not just for complying with the law, but also for the function of your business.
Improving Cyber Security
This anonymisation is not only preventative but also an effective method in reducing the effects of cybercrime. In addition, GDPR law mandates the establishment of a Data Protection Officer in each company, who is the designated handler of data and of GDPR compliance. The existence of a DPO makes clear who is authorised to access or receive data, reducing the likelihood of a staff member inadvertently falling victim to a cyber-scam and releasing private information.
Reducing Risk of Lawsuits
Meeting DSAR Requirements
DSAR, or Data Subject Access Request, is a sub-section of GDPR law that enables and empowers individuals to request access to personal data held by a company or organisation. There are wide-ranging practical applications for this law, from requests to discover how much personal information a company might be holding to recovering CCTV footage that includes them, whether for personal reasons or as evidence relating to a crime or personal injury. Your staff need to know how this sub-section of the law works in order to correctly apply it to DSARs, which could be crucial to an ongoing police investigation.