28 March 2017
Blogs by author: Jose Francisco Pereiro Seco, Head of Data Security Europe, BT.
Digital transformation unlocks huge potential — and raises significant data protection and privacy risks. Here’s what the GDPR means for your security.
Regulatory change for a digital world: GDPR.
On 14 April 2016, the European Parliament adopted a new regulation that will replace the 1995 Data Protection Directive. The EU 2016/679 regulation (also known as the General Data Protection Regulation or GDPR) covers the protection of natural persons with regard to the processing of personal data, and the free movement of such data.
The GDPR comes into force in May 2018, giving citizens of EU countries greater rights over their personal information, and placing greater obligations on organisations to protect this data. At the highest level, it gives citizens the right to be forgotten, the right to know when personal data falls into the wrong hands (e.g. hackers) and spells out the need for explicit consent (in certain cases) prior to processing personal information.
Why the GDPR needs to be top of your agenda.
The GDPR is a hard-hitting piece of regulation that comes with serious consequences for organisations who fail to comply with its strictures.
You have just over a year to get to grips with it, making now the ideal time to plan and implement how you’re going to ensure compliance. With fines of up to four per cent of your global annual turnover, diligent investigation and planning seem prudent, particularly when achieving compliance requires more than putting a new process or piece of technology in place.
Your organisation currently faces the challenge of reassessing your entire security landscape through the prism of the impending GDPR. You need every aspect of your security to understand and protect personal data, so that you can confidently comply with the various legal, regulatory and industry requirements. It’ll also be important to be able to demonstrate that you have in place the security measures appropriate to the risks you face, and the criticality of the data you hold.
Without a successful security strategy in place, it’ll take just one data-security breach to trigger financial, regulatory and reputational consequences.
Getting your security ready for the GDPR.
With the tight timescales, thoroughly preparing your security infrastructure and data handling processes for the GDPR can seem daunting. But we recommend four simple steps to ensure you’re ready for the May 2018 ‘switch on’.
1. Start by achieving a thorough understanding of how personal data moves around your business. Make sure to take into account the associated processes, too.
2. Establish a specific work stream for security review (using gap analysis and assessment) within your data-protection programmes.
3. Get working on addressing any gaps you identify and redesign the relevant security architecture where necessary.
4. Reassess your technical and organisational security controls to support compliance with the GDPR, with particular focus on developing security processes to detect and mitigate data leaks.
Preparing for the GDPR means taking a fresh look at how you view data protection and security. But investing the time and effort to get it right will open new doors for your organisation in this digital age.