European Data Protection Law
Under the EU Data Protection laws everyone has the right to protection of personal data, this transpires to businesses as under these laws the data they get of clients makes them data controllers, and as data controllers you are responsible for it and the protection of it. Data controllers must determine the purpose of the data that they collect and what it is used for, anything outside of the purpose of the data can be considered a breach in the right to their protection of personal data as it is no longer in their control and within the parameters of purpose outlined. As a result of this law, businesses must now make it clear what the data is going to be used for and must have data protection safeguards in place to ensure that the data they control is secure.
The new laws state that data controllers must respect the privacy and data protection rights of those personal data is entrusted to them. This is reaffirming that data controllers are responsible for the personal data that they have and that they must also do what they can to protect it. Because of these laws, the UK government is looking to invest nearly £2bn into ensuring that businesses can protect their client’s personal data.
The new scheme is called the National Cyber Security Strategy, and will run until 2020. The scheme is designed to ensure that Britain is a safe place for businesses and hopefully increase the amount of trade done both inside the UK and exporting from the UK. Under the new scheme the UK will be at the forefront of digital safety and will mean that the knowledge and skill of our cyber security experts. It may also result in the development of new technologies to combat cyber crime bringing to life a whole new market for cyber protection.
Despite Britain opting out of Europe it is expected that the laws for data protection are adopted by UK law and thus this investment is being made. It will also be a key feature of any trade that we get with the EU as the EU parliament want to ensure the security of all its data including data that is outside the European union.
The new data protection laws will mean that all personal data must be protected by data controllers this will include all medical data, that is going to be collected and has already been collected. Medical businesses that collect data will be able to use the new scheme in order to be able to protect there data in the long term, however, in the short term they will have to look to other methods of protecting data, including data encryption and Cyber Insurance should a breach occur.
Take a look at our Quote and buy system for cyber insurance.