New data protection rules from the EU General Data Protection Regulation (GDPR) apply in the UK from 25 May 2018, replacing the regime of the Data Protection Act.
The government has confirmed that the UK will replace the 1998 Data Protection Act (DPA) with legislation that mirrors GDPR, post-Brexit. This means that any business, big or small, will be required to comply with GDPR - which governs the lawful and secure collection, storage and use of personal data.
GDPR is designed to safeguard the personal data of individuals in the EU, with particular emphasis on transparency and accountability. It applies to any organisation that processes the personal data of people in the EU, wherever that organisation is based, and non-compliance can lead to fines of up to €20 million or 4% of annual worldwide turnover, whichever is higher.
At Fitzgerald & Law, we take data security and privacy extremely seriously and believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights.
Under any compliance regime, it is easy to state compliance but much harder to prove it. To this end, we have implemented an information security management system which is independently certified to the requirements of ISO/IEC 27001:2013.
What is ISO 27001?
ISO 27001 is the internationally recognised standard for information security management, published jointly by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC). Its aim is to help an organisation establish, operate, monitor and continually improve an Information Security Management System (ISMS): a structured, risk-based way of making sure that information security risks are identified and managed effectively, and that the controls chosen to address them are documented and regularly reviewed.
We have systematically assessed the risks to the organisation's information security and put in place the policies, procedures and controls needed to manage those risks. We maintain and continually improve those controls, and review them as new threats emerge, as part of the ISMS.
IT Security, Privacy and Data Protection Policy - click here.
You can read our Data Security Policy here.
You can also read our GDPR Privacy Notice for Job Applicants here.
Click here for F&L Financial Services Limited Privacy Notice.