April 9, 2020

What’s the difference between data security and GDPR?

Data Security is a heading for ensuring your data fulfils the following criteria:

  • Availability - Accessible by those authorised to use it
  • Usability - Format pertinent to necessary usage
  • Currency - Sufficient date clarity for optimising usage
  • Complete - All relevant data available in both time frame and scope
  • Confidentiality - Secure, controlled and safe
  • Integrity - Unchanged, undamaged, complete, known location

GDPR[1] is EU legislation that focuses on what is legally required (rather than just “nice to have” or “necessary to have”) and deals specifically with how organisations handle personal information. The better known aspects cover:

  1. Information you hold – what is held, by whom, for what purposes
  2. Lawful basis for processing personal data – why data is held
  3. Consent – permissions required to hold data
  4. Consent to process children's personal data for online services – specific measures to further protect children’s data
  5. Vital interests – exceptions to consent and lawful basis
  6. Legitimate interests – exceptions to consent and lawful basis
  7. Data Protection Fee – annual payment to ICO[2] to oversee above

Thus, while GDPR is an important piece of legislation within the field of Data Security, its scope is defined by personal information, so it represents a relatively small part of the overall Data Security arena. It does not cover, for example, any anti-corruption, anti-hacking, anti-ransomware or general awareness of data control protocols outside of the personal data sphere.

The key point is that organisations cannot just comply with GDPR and then relax. Data security is not solely a legal obligation. For your organisation’s sustainability, reputation and general good management, and out of respect for the work that went into creating that data, data security is a vital requirement of any organisation’s day-to-day livelihood.

[1] General Data Protection Regulation

[2] Information Commissioner’s Office – the UK’s Data Security Authority
