The General Data Protection Regulation (GDPR) is a law that took effect in 2018 that applies to any organization that processes or retains data on any citizen of the countries that form the European Union. While UK citizens were covered under GDPR when implemented, as a result of Brexit, on Jan. 1, 2021, the UK rolled out its own version of the law.
Both versions of GDPR (EU and UK) are the toughest privacy and security laws in the world. Each law includes hundreds of pages of IT requirements for organizations around the world. And the reach of the laws extend to every organizations in the world, regardless of location, if they target or collect data related to people in the EU or UK.
What is the UK-GDPR?
Following BREXIT, the United Kingdom implemented its own version of GDPR, which took effect on Jan. 1, 2021. While the UK version is largely based on its EU counterpart with many common requirements, the UK-GDPR changes key areas of the law concerning national security, intelligence services and immigration. Any website, company or organization that processes personal data from individuals inside the UK is required to comply with the UK-GDPR – even if the website or company isn’t itself located within the UK.
Compliance Process Automation for GDPR (EU & UK)
Both GDPR standards leaves much to interpretation. They say that companies must provide a “reasonable” level of protection for personal data, for example, but they don’t define what constitutes “reasonable.” This is why it’s essential to have a tool like Compliance Manager to help you document your reasonable efforts.
One or both of these regulations impact the IT operations of organization that processes and/or stores personal data on residents of either the UK or anywhere in the European Union. Compliance Manager for GDPR covers both regulations.
Who’s Responsible For GDPR Compliance?
Both GDPR standards define several roles responsible for ensuring compliance: data controller, data processor and the data protection officer (DPO). The data controller defines how personal data is processed and the purposes for which it is processed. The controller is also responsible for making sure that outside contractors comply. Data processors are the internal IT groups that maintain and process personal data, or outsource all or part of their IT to an MSP. That’s why it’s essential to have a role-based tool, like Compliance Manager, to ensure compliance with the law.
LET US SHOW YOU HOW IT WORKS!
Ready to buy now? Click on the Buy Now button. Need to know more? Request a demo and we’ll show you how it works.