There's just no hiding away any more, should you handle data, it is up to you to protect it. One of the most common themes of the 21st Century is Data Protection, and, as we move into the digital information years, more and more companies are harvesting data about us all. What we do, where we are going and the personal data that we share is all part of it. Isn't it inevitable then that the amount of data breaches is going to keep rising in the years to come?
In this age, we have to protect ourselves first and foremost from information getting into the wrong hands, the trouble is, some company directors have forgotten this applies to them too and are only learning about the GDPR in a court case with their organisations. I don't mean to be negative but this leads us to the conclusion of responsibility, whose is it and why? Responsibility for information governance lies at the top, that's why ISO 27001 focuses on leadership at clause 5. We can help you to process information sensibly and responsibly.
What you need in your business or organisation is information harmony. This is when you are satisfied that you have done all that you can, assessed the information that you handle, asses who accesses it and assess the residual risks to you after you have taken action to protect data. If you want to be compliant with regulations, start by being responsible, that should get you though any loops that are placed in front of you by the Data Protection Act 2018 or General Data Protection Regulation 2016. Start with a risk assessment of your information and contact us for advice.