GDPR – the need for Cyber Essentials


What is GDPR?

The General Data Protection Regulation (GDPR) is the European Union’s attempt to bring data protection up to date with the new or previously unforeseen ways that data could be used.

Since the Data Protection Act 1998 was introduced the way organisations use and store data has changed significantly; thus the need for it to be replaced by this new regulation. GDPR sees the introduction of a single set of data protection rules throughout the EU with the privacy of data the key concern and with tougher fines for those who breach regulations or fail to comply.

The EU is looking to clarify what businesses can and can’t do with data throughout the EU whilst giving people more control over what companies with access to their data can do with it. Since the 1995 EU Data Protection Directive the internet and cloud technology have changed the way that data is used or can be exploited.


What is Cyber Essentials?

Cyber Essentials is a government-backed, industry-supported scheme to help organisations protect themselves against common cyber attacks. Poor cyber security can damage your reputation and cost you business whereas strong cyber security can boost your reputation and win you more business at home and overseas.

DCI Cyber Essentials is a foundation level certification designed to provide a statement of the basic controls your organisation should have in place to mitigate the risk from common cyber threats. This is achieved through a self-assessment process carried out under the guidance of our cyber security experts.  Upon completion of the questionnaire you will receive the certification, allowing you to display the official Cyber Essentials badge on your documents and website.


When does GDPR take effect?

GDPR will apply in the UK and organisations must be compliant from 25 May 2018. The Government has confirmed that Brexit and the UK’s departure from the European Union will not affect the commencement of GDPR.


What does my organisation need to know?

There are many things that organisations need to be aware of when GDPR comes into effect. One of the big changes is that organisations that experience a data breach will see fines of up to 4% of their annual turnover or 20 million Euros, depending on which is greater. By way of comparison the current maximum fine for a data breach is £500,000.

If data security breaches remain at the levels of the past few years that could mean fines paid to the European regulator could hit hundreds of billions of pounds once GDPR comes into effect.

Other things to note when GDPR takes effect:

  • In the case of your organisation suffering a data breach, the Information Commissioner’s Office (ICO) MUST be informed within 72 hours of the breach.
  • Even if your organisation is not in the EU if you wish to sell to people in the EU you will need to be compliant with GDPR.
  • Companies must show valid consent for using personal information and data subjects will now have the so called “right to be forgotten.”

More information can be found at the official EU General Data Protection Regulation (GDPR) site here.

For many organisations the introduction of GDPR will make little difference as they are already working within the limits set by the regulation. However, those that are not need to start making sure they are compliant as soon as possible.


How can Cyber Essentials help with GDPR?

Whilst your organisation will require more than just Cyber Essentials to comply with GDPR, it is a step in the right direction. Cyber Essentials certification is evidence that you have taken steps towards protecting your organisation and its data from cyber attacks.


How do I get Cyber Essentials?

Certification with DCI Cyber Essentials can be started today. You can download our Scheme Summary which will provide you with background about the scheme, the scope of the assessment, assurance framework and the next steps to becoming certified.

Certification to the Government’s Cyber Essentials Scheme is a mandatory requirement for organisations wishing to win business with the MOD, and can help your organisation prepare and defend itself against malicious cyber attacks.

Become Cyber Essentials Certified today


Who are we?

From publishing the first national directory of public sector contracts, to being the first to market with our online Tracker solution, we have been the true pioneers of technology and innovation in the public sector marketplace. Throughout our 39 years, we have continued to evolve and chart new territory – placing our customers at the heart of everything we do. Take your business to the next level with Tracker now.

If you request a demo today!

Download your Free UK Defence Industry Report

Get SAAS-Y This Summer with DCI

Start Your Free Trial Today

Download your Free UK Defence Industry Report

Download your Free UK Defence Industry Report

When you sign up for a 3 day free trial or demo.

Limited time only

    BiP Solutions owns DCI and we look after your details carefully. We offer a range of products, services and events (some of which are free) that help buyers tender more efficiently and suppliers find, bid for and win public and private sector contracts. Only tick this box if you wish to receive information about these. We will never share your details with third parties and you will have the opportunity of opting out of communications every time we contact you. For further details, please see our Privacy Policy