What is GDPR?
- In May 2018 GDPR came into force. It can be considered to be an update to the Data Protection Act of 1998 and covers how you safeguard personal data within your organisation.
- Compliance with GDPR will require technical updates to your systems, changes to your management procedures and documentation, and changes to how you collect and use personal data.
- Whilst there is no EU-provided badge or certificate to prove you are compliant, the IASME Consortium recommends a path towards compliance that can demonstrate the steps you have taken.
- Taking steps towards compliance will mitigate potentially huge fines from the Information Commissioner's Office (ICO) should you suffer a data breach (i.e. DO NOT DO NOTHING).
What is IASME?
IASME (Information Assurance For Small And Medium Enterprises) is an Information Assurance Standard managed by the IASME Consortium, which operates a network of certification bodies. iTeam is one of those certification bodies.
IASME was originally an academic-SME partnership; the standard was developed in 2010. The standard covers your organisation's systems, ensuring your procedures and policies are in place to effectively and securely manage the information in your organisation. It covers the secure management of all data in your organisation, including paper documents as well as those stored digitally.
Certification to the standard requires the completion of a questionnaire that asks about the measures in place to manage the security of your information. The work to gain the IASME Gold standard cannot be done exclusively by a third party, as you need to adopt the procedures and policies as part of your management system. However, as a certification body ourselves, iTeam has been trained to know what each of the questions requires for compliance and can advise you accordingly.
Find out more
Contact us to find out more about how we can help you become compliant with GDPR using the Cyber Essentials, IASME Gold and GDPR Ready route.