The latest in NEWS, RESOURCES and JOBS

Lower the TCO of your legacy data wareho
  • Caspar James - Tech Journalist

GDPR is now three: has it made a difference to the way businesses store data and who has been fined?

The European Union's General Data Protection Act (GDPR) was launched in 2018, how has the replacement to the Data Protection Act 1998 impacted the way companies store and handle data. The original act was designed by Parliament to protect personal data stored on computers or in organised paper filing systems. With the introduction of GDPR, this now covers the way data is stored electronically. To date 600 companies have been fined for breaching the new data protection regulations, with fines ranging from €28 up to €111 million.

GDPR was put in force as legislation that protects the way data can be used, stored and processed, regarding consumer's personal details in organisations that operate in the EU. The Data Protection Act it replaced didn't take into account the use of technology and the way data was collected. When GDPR was first introduced there was worry in the business community at the responsibility that businesses now had to introduce to protect the data storage of their customers and consumers. With the thread of big fines, if it could be proved that companies had been negligent while storing the personal data on their company's networks.

Data is now regarded as a commodity in its own right and as such, the responsibility for handling and storing personal data has to be a main priority for all companies that data capture the personal details they then store on their systems. Every business had to comply if they stored any form of personal details of customers, and even went as far as including the images filmed and stored on company's CCTV systems.

The ICO (Information Commission Office) oversaw the introduction of GDPR in the UK by contacting every business and asking them to register and pay an annual fee, in order to agree to comply with the new GDPR regulations. All businesses had to comply whether they were a large organisation or small business with a CCTV outside used as a part of a security system, with small businesses paying as little as £40 per year to register.

The first major company to be fined under the GDPR data breach was British Airways who was fined £20 million by the ICO and fines are based on 10% of profits for an organisation. The ICO ruled that BA had been negligent as hackers were able to infiltrate the airlines website with malicious code that then redirected its users to a fraudulent site which then harvested the personal details of 5000,000 customers. These details included login credentials, booking details, customers names, credit card information and addresses. The size of the fine sent ripples throughout the entire business community. The ICO and GDPR was going to be taken seriously from now on and all companies had to be extra vigilant and protect their data from any sort of breach.

Marriot International, the hotel chain, was fined £18.4 million, as it did not have the sufficient safeguards in place to protect the data of their guests. A data breach had taken place in 2014 and only when they had to agree to GDPR in 2018, that they admitted the earlier data breach, when the details of 300 million customers had their credit card details exposed, which included other personal details such as passport numbers and dates of birth.

Google was also in breach of the regulations and was fined €50 million by CNIL, the French data protection regulator. This fine was due to lack of transparency by Google regarding their online ads, where inadequate information and lack of consent when users viewed personalised ads. Google had not informed users about how data would be collected for personalised advertising.

The Swedish retail group H&M was fined €35 million, for leaking highly confidential data of hundreds of staff working at its customer services centre in Nuremburg. These leaked details included information gathered from personal staff interviews between managers and employees and included details of employees personal lives and health data. These details had been stored and were only supposed to be accessed by managers, but other H&M staff were also able to access these confidential files. All leaked data was immediately deleted when the breach had been discovered.

Since the introduction of GDPR all businesses now have a 'duty of care' to their customers, clients and staff, when collecting, handling and storing personal data. As digitally stored data is now so highly regarded by hackers, companies must make it an absolute priority to keep any personal data safe.





Parting the clouds. 

for greater security

Covid-19 has landed CSOs a unique opportunity to embrace web isolation.

Eliminate malware threats with zero trust 

Isolation-powered security provides full protection against email and Web based threats.

7 Customer Service Mistakes Companies Should Avoid Making

2020 was a tumultuous year but it did bring customer service back to the forefront of the business planning agenda for 2021. As you plan and prioritise your initiatives, it is important to avoid mistakes.

Integrating Compliance into Innovation: Taking Control Over Customer Communications

Compliance is one of those areas that is better off unnoticed. When compliance does get attention, it is usually because something has gone wrong and that is something that keeps executives up at night. It is easy to see why. 

Artificial Intelligence Based COVID Signature

Detection Software

The software takes the X-Rays and CT scans in digital format and analyses the X-Ray reports through uploading the images which is followed by detailed report about the patient suffering from COVID19 or similar ailments.

Six Steps to Drive Your

Process Center of Excellence to Success

Find out why yo need a center of excellence - and how save you time and money while improving experiences for both your customers and employees. 

Steps to Deliver Data You Can trust at the Speed of Business

Why trusted data is the key to digital transformation. Discover and cleanse your data. 

Organise data you can trust and empower people

Automate your data pipelines and enable data access.

2021 Threat Report 

Four Key Trends in the Cyber-Threat Landscape.

The security implications of remote working, SaaS takeover, rise of fearware, server side attacks, ransomware and Darktrace immune system.

Safe, inclusive communications for the University of Innsbruck

The open matrix is the foundation for secure, collaborative academic research and learning. Keen to support its learning culture, the university wanted to introduce a real time messaging system. 



to our latest RESOURCES

to keep up to date with the

latest whitepapers