As you may already be aware the EU's General Data Protection Regulation (GDPR) is a new piece of EU legislation by which the European Commission intends to strengthen and unify data protection for individuals within the European Union. The GDPR also deals with the export of personal data outside of the European Economic Area.
The GDPR was adopted into law by the EU on the 27th April 2016 and will therefore enter into force on the 25th May 2018. Under this regulation all organisations will have to comply with the new codes of practice laid down in the GDPR for the storing and processing of 'personal' data. Regardless of the issues around Brexit this change in EU legislation will have an impact on all UK companies who process or store personal information about individuals.
As both a data 'controller' and 'processor' Synectics Solutions has been fully briefed about the changes to EU legislation that the GDPR will require, and is now adapting its processes to ensure that they comply with the requirements stipulated within the regulation. To provide clients and business partners with some reassurance about this we would like to confirm the following in regard to our intentions;
- Synectics Solutions now has its own formal GDPR compliance programme in progress, which is being over-seen by our Chief Information Security and Data Compliance Officer, Steve Sands.
- This programme is now actively being reviewed every two weeks by the Legal & Compliance Director within Synectics Solutions, Marian Humphreys, to ensure it is on track and has Board level scrutiny.
- The programme is designed around the '12 step ' guidance provided by the UK Information Commisioners Office (ICO) . It is intended to ensure full compliance with the GDPR in advance of the 25th May 2018 deadline.
- In addition to this, in early 2017, we will be engaging with Clients to advise on GDPR implications for the services we provide , and also to understand the work they are doing (and challenges they face) in preparing for this change.
- The contact for any GDPR-related questions is our DPO (Steve Sands) . He can be reached at ; [email protected]
To download a PDF of this announcement for your organisation - Click Here
To download a copy of the ICO '12 step guide' to the GDPR - Click Here