Encryption USBs and GDPR- How to ensure your business is compliant

Many businesses have felt the growing pressure to improve data protection practices, with the arrival of GDPR in May 2018, but what exactly is it and how can Encrypted USBs help to ensure your business is compliant with this EU regulation?

What is GDPR?

GDPR stands for General Data Protection Regulation. It is a regulation which seeks to replace the outdated Data Protection Directive which EU firms have adhered to since 1995.

With it, comes a host of new regulations that companies within the UK need to abide by including... 

  1. Appointing a Data Protection Officer/s (DPO) in large organisations to manage data and report potential data breaches to governing bodies. 
  2. Establishing a cybersecurity programme which protects all sensitive data handled by an organisation. 
  3. Improving the security of data processing standards to ensure data is not easily misplaced or misused. 
  4. Documenting accountability- keeping up to date records of any data breaches that have occurred (even near misses) and report any breaches to as soon as possible.
  5. Understand consent - all companies must provide proof of consent in order to contact individuals beyond the original transaction. 
The overall aim is to unify and strengthen existing data protection for all individuals within the EU. For the UK, even with Brexit fast approaching, the law will apply to businesses who still seek to trade with EU companies (which is the majority of SME's to some degree).
It is also most likely that a version will be adopted into official UK law once the country leaves the union so it's not something that can be avoided.

 

What will happen if I don't comply with GDPR?

The official guidelines state that companies can be fined up to 2% of their annual turnover or €20 million whichever is greater in value.

This is for the most severe of violations including failures to report a substantial data breach, losing sensitive customer data, or not providing proof of consent when contacting large numbers of customers.

This is something that most businesses can't afford to not take seriously. 

 

When does GDPR come into effect?

GDPR is already part of EU law and has been since it's approval on 14th April 2016, and officially became enforceable as of the 25th May 2018. 

 

How do Encrypted USBs help firms become prepared for GDPR?

The key to becoming GDPR compliant is making small changes to everyday processes where data is used.

In general, companies that handle large amounts of personal data are the ones who must seek to adopt best practices when it comes to this new regulation. Financial, Healthcare and Education sectors, for example, are considered high risk for data breaches due to the amount of sensitive information they hold, however, generally speaking, all firms should be prepared.

Encrypted USBs help by ensuring that information shared between different parts of an organisation are secure at all times, which in turn addresses points 2 & 3 listed above whereby all data is protected and is processed in the correct way. 

As well, if such USBs are stolen or lost it is deemed to be a security breach and NOT a data breach and therefore doesn't have to be reported to the supervisory authorities. 

 

What Encrypted USB should I look at for my business?

Businesses should always look for hardware encrypted USBs as standard. These types of USBs are designed from the base up with security in mind and have protocols which operate separately to that found in a PC or OS ensuring that they cannot be easily hacked. 

USB2U stocks a range of such USBs, including SafeToGo® Solo USBs and encrypted Kingston USBs, both of which offer robust hardware encryption and password protection as standard. 

Our comparison chart may provide you with further information about which encrypted USB stick is best for your business. 

SafeToGo Solo USB

For more general information about data encrypted USBs please take a look at this USB2U article or alternatively get in touch with our dedicated team at [email protected]. Encrypted USB sticks offered by USB2U can be branded with a company logo, name and even serial numbers if required. Make sure to take a look at our full range here.