Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Find out if your organisation has been compromised by the Zerologon Windows server vulnerability. Download Zerologon Detector.

Overview

The GDPR - ensuring a high level of data protection across the UK and Europe

The General Data Protection Regulation (GDPR) is one of the most wide-ranging pieces of legislation passed by the EU in recent memory. It was introduced to standardise data protection law across the single market and give people in a growing digital economy greater control over how their personal information is used.

Scope

Who does the GDPR apply to?

All organisations that process personal data and operate within, or sell goods to the EU are impacted by the GDPR. The definition of processing is designed to cover practically every type of data usage and includes collection, storage, retrieval, alteration, storage and destruction.

The GDPR applies to both data ‘controllers’ and ‘processors’. Data controllers determine the purpose and manner in which data is processed. Data processors are any third-party undertaking data processing on behalf of a controller.

Brexit

How does Brexit affect the GDPR in the UK?

In the UK, the requirements of the GDPR are implemented and ratified by the Data Protection Act 2018.

Under the UK’s Brexit Withdrawal Agreement Bill, a transition period will run until December 31, 2020, during which time the GDPR and DPA will continue to apply side-by-side. During this transition phase, the UK and EU will attempt to negotiate a new data privacy arrangement, but the UK government has stated that the majority of GDPR and DPA provisions are likely to remain in place.

Personal data

What is personal data?

Article 4 of the GDPR defines personal data as ‘any information relating to an identified or identifiable natural person’. For most organisations, this means implementing appropriate measures to protect information relating to employees, customers and partners. The GDPR expands the definition of personal data to include all information that could be used to indirectly identify individuals. Other examples of personal data include:

  • ID numbers
  • IP addresses and cookie IDs
  • HR records
  • Customer contact details
  • Health records
  • Biometrics
  • CVs and employment details
  • CCTV and call recordings

Need advice or help from our friendly team?

Get in touch

GDPR v DPA

How does the GDPR differ from the Data Protection Act (DPA) 1998?

Personal information

An expanded definition of personal information to include online identifiers such as IP addresses.

Increased sanctions

An increased level of fines for organisations that fail to comply and/or suffer a personal data breach.

Data Protection Officers

The need for some organisations, such as public authorities, and those that process large amounts or special categories of data, to appoint a Data Protection Officer.

Consent

A tightening of the consent rules governing the collection and use of personal information.

Right to be forgotten

The right for individuals to be forgotten, by requesting the erasure of their personal data from company records.

Privacy by design

Promotion of privacy by design - ensuring data protection is taken into account at every stage of a product development process.

Article 5 Principles

Personal data shall be...

Processed lawfully, fairly and in a transparent manner
Collected for specified, explicit and legitimate purposes
Adequate, relevant and limited to what is necessary
Accurate and, where necessary, kept up to date
Retained only for as long as necessary
Processed in an appropriate manner to maintain security

Protecting personal data

The importance of ensuring the security of personal data

In order to ensure ongoing data security, principle six of the GDPR states that personal data should be processed in an appropriate manner.

Protecting personal data against unauthorised processing, accidental loss and destruction forms an integral part of measures all organisations should take.

Read our GDPR compliance guide
A cloud environment being monitored for threats

GDPR Solutions

Tailored solutions for GDPR compliance

By helping you to understand and address gaps in your organisation’s cyber security as well as proactively detect and respond to threats when they occur, Redscan’s managed security and assessment services support swift, hassle-free GDPR compliance.

ThreatDetect MDR

Managed Detection and Response

Award-winning support to rapidly detect and respond to the latest threats 24/7

Read more
A range of security assessment services

Assessment Services

Specialist engagements to uncover and address hidden cyber security risks

Read more
A person choosing from a range of Managed Security Services

Managed Security Services

Expert help to manage and monitor your choice of security technologies

Read more

Get in touch

Complete the form for a prompt response from our team.

I prefer to be contacted by:
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
20th October 2020
Remote working leaving UK businesses more vulnerable to cyber-attacks
New research suggests that while 60% of UK businesses experienced a cyber-attack and 44% of them were hit by a data breach over the past 12 months, 37% don't have a cyber incident response plan.  
6th October 2020
Europol report warns of cybercriminals targeting people working from home
Europol, the European Union police agency, has warned in a new report that cybercriminals are targeting people who are spending more time online due to the pandemic.
2nd October 2020
Redscan releases Zerologon detection tool
Redscan Labs has released Zerologon Detector, a detection tool that can help organisations to determine if they have been compromised as a result of a newly-disclosed, critical vulnerability in Windows Netlogon (CVE-2020-1472). Read more
30th September 2020
Redscan named in Gartner MDR Market Guide
Redscan is one of only two UK-based providers recognised in Gartner’s 2020 Market Guide for Managed Detection and Response. Read more in our press release.