Over the last few months your inbox and social media feeds will probably have been overrun with stories, resources and other training opportunities relating to the GDPR and the need to comply by 25th May 2018. Despite all the noise, and two years advance notice that the GDPR is coming, we’re still seeing postings on social media saying “What is the GDPR?”.

Cardwave, a company that helps organisations across the world to secure and distribute their data has launched a new campaign called People’s data matters to try and help raise awareness of the importance of protecting data whether it be your own, your business, customer or employee data. This is especially pertinent given the GDPR.

The logo developed for the campaign represents a person, their information (the ‘i’) and data and will be included on forthcoming product campaigns that relate to protecting data.


So you still don’t understand what the GDPR is all about?

If you truly haven’t heard of the GDPR, you need to start taking notice now and not bury your head in the sand, it isn’t going away. It WILL affect you, and even after Brexit, our UK laws will align with what is now being implemented in the UK.

The changes in the data protection laws reflect the realities of the digital age and the need for people to take more control over their personal data. This has to be a good thing for individuals – the confidence that personal data stored is safe (e.g our employee details), the right for individuals to be forgotten and the right to not be bombarded with marketing messages etc.


People’s data matters

Your customers and employees need to be able to trust you with their personal information or, as the law calls it, their personal data.

A lot of the rules and themes of the new data protection law are building on what is already in the current UK Data Protection Act so it is not a complete change to what you are already doing.

Don’t be complacent and think a breach will never happen to you or that you will never receive a complaint against you, or about how you are handling someone’s personal data.  You could risk HUGE fines under the GDPR – in fact 4% of your annual turnover or up to €20 million, whichever is greater.

Don’t delay and get caught out. You don’t need to sign up and pay hundreds of pounds on manuals, courses or consultancy, there are plenty of resources out there such as The Information Commissioners Office (ICO) which offers free and clear guidelines to compliance. To get started they have a self-assessment tool: https://ico.org.uk/for-organisations/making-data-protection-your-business/making-data-protection-your-business-self-assessment/


Key points to take on board immediately

  1. Know the law is changing – you know now, so that’s one thing you’ve done already!
  2. Make sure you have a record of the personal data you hold and why.
  3. Identifywhy you have personal data and how you use it.
  4. Have a plan in case people ask about their rights regarding the personal information you hold about them.
  5.  Ask yourself: before I collect their data, do I clearly tell people why I need it and how I will use it?
  6. Check your security.This can include locking filing cabinets and using hardware encrypted USBs when travelling off site that hold your staff or customers’ personal data.
  7. Develop a processto make sure you know what to do if you breach data protection rules.
  8. Don’t panic: ICO are there to help. For example, you can click here to see some frequently asked questions and their answers for several different business sectors.


So what parts of the GDPR can Cardwave help you with?

Cardwave offers two GDPR compliant AES-256 XTS hardware encrypted USBs – SafeToGo® and SafeToGo® Solo for data security on the move. If you were to lose your USB in transit your data will still be secure, because anyone trying to access it will be locked out after 10 incorrect password attempts.

SafeToGo® has the added advantages of enabling larger organisers to manage multiple drives through SafeConsole. This is a management platform from one of our partners and enables organisations to geofence their USBs, as well as provide remote kill and other useful features.

SafeToGo® Solo is a more competitively priced option for individual users and SMEs who do not wish to use the SafeConsole management system alongside the USBs.

For further information please see visit here.


So what are you waiting for? Get GDPR compliant or risk the fines…



Recent awards and recognitions:

SafeToGo®, a hardware encrypted USB from Cardwave was a finalist in the 2017 Computing Security Awards.

Cardwave was named as an organisation of good practice in the Parliamentary Review 2017.