[GLLUG] Charity WiFi, a bit off topic
James Roberts
j.roberts at stabilys.com
Wed Mar 28 09:38:14 UTC 2018
On 27/03/18 17:14, Marco van Beek via GLLUG wrote:
> Most of the technical requirements of the GDPR have been law since 2003.
No that's not quite right.
It's been in force for just under two years, but there has been a
moratorium on enforcement which expires on the 24th of May 2018.
The thing in force since 2003 is the Data Protection directive, which
dies on the 25th. Much of it is similar, but there's the 'buts'
> It's just that the fines are going up by a lot so people are finally
> paying attention.
Yes, but it's not just that. There's much more stringent requirements
and there's no exclusions for small organisations (some still believe
there are, due to a proposal in the drafts - the final issue now only
excludes the requirement for some documentation for companies <250
employees).
> Running an insecure network that holds personal sensitive data could be
> considered negligent and the directors of the organisation could be
> prosecuted.
Just so, and they will try to shift the blame to some scapegoat in IT.
Or a contractor.
> It's a bit like Y2K all over again. There are consultants out there are
> making a small fortune out of companies that should have known better.
Too true. There's loadsa bull, but a real issue or two, and most at the
very SMB end don't even seem to know it.
I'm a consultant, though just IT general, not in GDPR, but have had to
bone up on it to save my clients/myself. No one has paid me a
€cent/dime/penny to do so, so far...
:)
MeJ
--
Stabilys Ltd www.stabilys.com
244 Kilburn Lane
LONDON
W10 4BA
0845 838 5370
More information about the GLLUG
mailing list