It Is All About The Data
Posted on 12th May 2020 at 12:42
As individuals and as businesses we live in a world that is very social online. No matter what the size or sector of your business, one thing is for certain, you will be sharing, exchanging, and gathering data in lots of different ways, sometime without even realising it.
Businesses are responsible for all of the data they gather, share, keep and dispose of whether they are:
Sharing information with contacts, suppliers etc
Maintaining employee or customer information
Protecting their business from cyber criminals & and attacks
Putting appropriate measures in place to protect their business and their data subjects
No matter what, it’s all about the data!
The data you have
The data you store
The data you share
The data you protect
What about the data I have?
As a business you will have customers, you may also have employees and suppliers. Over time the information that you gather, hold and manage on customers, employees, and suppliers will change, it will inevitably increase, it will need to be replaced, removed. The data you hold must also be necessary for you to carry out your business.
Data takes on many forms. It may be:
Informational
Transactional
Maintained
It may be electronic or on paper
All of this requires management of data, it needs some infrastructure around it to ensure its managed in a way that is compliant.
What about the data I store?
As a business develops over time it has to become more efficient, the same applies with the data held and the accumulation of this over time. This data that is collected is used to help us develop. We can use it in so many different ways across various platforms:
Email
Payroll
CRM
Accounting
HR
Social media
Marketing
Business intelligence
Deliveries
Data can be used effectively in so many different ways but think about all of the people that have or could access this data. As a business this needs to be managed and monitored within an infrastructure that supports compliance.
What about the data I share?
We really don’t realise or have the bigger picture around how much we share our data as a business. This not only goes across the various functions within a business and the people within each of these functions, it also sometimes goes out to third parties, outsourced partners, and suppliers.
Can you honestly say that you know exactly where and who has access to your data?
To be compliant and show that you are responsible with the data that you hold requires solid processes which must cover:
How your data is shared
Why your data needs to be shared
Who you can share your data with
What about the data I protect?
The data contained within your organisation, isn’t your data, you are simply a “Guardian of your galaxy” in this case the galaxy is your data, this is reflected particularly by GDPR (General Data Protection Regulation).
For any organisation GDPR determines the way data should be:
Created
Managed
Stored
GDPR also determines how long data should exist and most importantly when it is time to remove the data, wherever it is stored. Also, data must be removed securely without compromise.
GDPR expects every organisation and its people to be accountable for the data within their galaxy and the protection of this in line with “Appropriate Technical & Organisational Measures”. Most data issues arise from the people with a business.
To protect your data
GDPR requires each and every business to implement appropriate measures. These must include:
• Only appropriate people have access
• Electronic data is encrypted & non-electronic data has suitable security protocols
• Security software is installed & managed
• All devices are always up to date with full patch management
• Both physical & logical perimeter access controls are in place
Next steps
Data is one of the most important currencies within your business and like any currency it needs to be kept safe, secure, and protected, just like the money in the bank. Failure to take responsible care of your data not only impacts GDPR compliance for which there are enormous financial penalties that can close a business down, but can also result in:
Loss of good reputation
Loss of trust
Loss of customers
Loss of revenue
To protect your business, we provide you with:
An appropriate measures audit to check where there are gaps or shortfalls that need addressing to protect your business
A website audit to ensure your website and data gathering is compliant
Data management training for those responsible and using your data
From specialists with over 25 years of experience within data management and protection we help you protect your business and the data within it as part of an ongoing journey.
Call: 02890 022344 - Email: info@jcbcs.com
Share this post: