After two years, and following ratification of the UK Data Protection Law (2018), the General Data Protection Regulation (GDPR) has come into effect and Redstor has all the expertise required to help organisations comply and remain compliant.
With 20-years experience in helping organisations manage and protect data, Redstor is a specialist in helping organisations keep data secure and protected in line with data protection laws.
Personal data regulation and protection is the main component of the legislation. It defines personal data “as any information relating to an identified or identifiable natural person (‘data subject’): an identifiable natural person is one who can be identified, directly or indirectly, in particular reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
The law also places more emphasis on the role of data processors who now not only have the obligation to ‘assist the controller in ensuring compliance’ but they also cannot process data without permission to do so and without abiding by the written instructions of the controller.
Organisations will have a duty to report certain types of data breach to the relevant supervisory authority. A data breach refers to not only data loss but also to the deletion or unauthorised access of data.
Under the regulation there are also conditions where the data controller must notify the data subject of a breach.
The company’s experience in-and exposure to both the UK and South African enterprise markets means that it can assist businesses in both countries with compliance.
It is ready to support European companies that must comply and remain compliant, including with the appointment of a Data Protection Officer to monitor internal compliance, inform and advise on your data protection obligations, provide advice and act as contact point for data subjects and the supervisory authority.
At the same time, it can also assist African and South African businesses to work with GDPR compliant vendors.
With this updated focus on protecting personal data, it is important for organisations to implement processes and reduce the possibilities of data breach or loss. Methods such as pseudonymising or encrypting data can be used to ensure that this part of the regulation is being complied with.
One of the most publicised aspects of the GDPR has been the major fines that organisations now face for non-compliance or if a major data breach occurs. The fines can be substantially larger than under previous legislation. They can be as high as €20 million or 4% of Global Turnover, whichever is greater.
Redstor has undertaken a strategic partnership with GDPR compliance experts, GDPR365, to offer a technical compliance software tool.
“As a data processor, Redstor understands the enhanced level of responsibility it has under GDPR to ensure the security of data that can identify an individual, we will work with end-users and partners to ensure their adherence to the GDPR. The EU’s new data protection regulation is complex to understand and implement. GDPR365 reduces the risk of non-compliance by giving each company an intuitive cloud-based hub with customised, thoughtful workflows to simplify the compliance process by organising it into clear, simple and assignable tasks,” says Jaco Benzien, Data Protection Officer at Redstor.