Share

2 min read

Writen by Zlatko Delev

Posted on: April 21, 2021

How to avoid fines …

Yesterday we have mentioned what are the biggest fines issued by the ICO.

The fines show that the GDPR (General Data Protection Regulation), has given enforcers like the UK’s ICO (Information Commissioner’s Office), some serious teeth. With these fines in mind, it’s a good time to make sure you’ve minimized your risk of being next in line.

GDPR is focused on protecting European Union citizens and it applies to anyone who holds personal data on an EU citizen, wherever in the world you are based. .

Here are the best practices we recommend to all organizations to follow in order to minimize the risk of a GDPR data loss fine:

  1. Minimize the risk of a cyberattack by fixing vulnerabilities that can be used to gain entry to your systems illegally. There is no perimeter, so everything matters: patch everything.
  2. Treat the cloud like any other computer – close unwanted ports and services, encrypt data and ensure you have proper access controls in place. And do it on all your environments, including QA and development.
  3. Reduce your exposure by collecting and retaining only the information you need, and making sure the only people with access to it are the people who need it to do their jobs.
  4. Ensure that everyone who might come in to contact with personal data knows how they need to handle it – this is a GDPR requirement.
  5. . Be able to show that you have thought about data protection, and have taken sensible precautions to secure personally identifiable information.

For more information on this, we are always open to discuss, and always here to help, as nobody wants to get in such problems.

Recent blogs

Most common types of GDPR violations

As GDPR effect is growing day by day and a lot of companies are affected, we would like to present

ICO published the next chapter of the Anonymisation guidance draft : Anonymisation, pseudonymisation and privacy enhancing technologies guidance

How to ensure anonymisation is effective? The ICO is calling for views on its updated draft gui

When can we refuse to comply with a SAR (Subject Access request) ?

A lot of companies are receiving SAR's almost every day. Not all of the SAR's are relevant and a lo

Get Your Account Now

Setup in just 5 minutes. Enter your company details and choose the EU Representative services you need.

Give Us a Call

Not sure whether EU Representative applies to you or which option to choose? Call, email, chat to us anytime.

06 GDPR INFO

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.