You may be aware that in May 2018 the new General Data Protection Regulations (GDPR) legislation comes into force. The GDPR imposes new rules on organisations who offer goods and services to people in the European Union (EU), or who collect and analyse data tied to EU residents. It replaces the Data Protection Act (DPA) and places raises the bar on privacy and compliance for any business that deals with personal data.
What is the GDPR?
Compliance with the GDPR is mandatory when storing or processing personal data of any EU citizen no matter where in the world the data is stored and processed, and is also mandatory for any organisation established in the EU. A regulation such as the GDPR is a binding act. The GDPR is an attempt to strengthen, harmonize, and modernize EU data protection law and enhance individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right. The GDPR regulates, among other things, how individuals and organizations may obtain, use, store, and eliminate personal data. It will have a significant impact on businesses around the world.
Taking Data Security Seriously
At Fluent Technology, we have always taken data security and data privacy extremely seriously. Our aim has always been to provide our customers with the highest level of data security and be accountable for the information held on our application. As such we constantly review and reinforce our security practices.
It is easy to state compliant but not so easy to prove it on an ongoing basis. However, Fluent Technology have for many years been certified against the ISO27001 security standard (most recently audited in September 2017) and in early 2017 Fluent Technology were accredited on the Cyber Essentials standard. We host our SaaS Flexi-Grant® system within the Rackspace™ environment in the UK, and Rackspace™ themselves are (amongst other certifications) ISO27001 accredited.
We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights, and enforcing accountability. As such we are committed to GDPR compliance when enforcement begins May 25, 2018, but it is important to state that we are confident that Flexi-Grant® will enable you to be compliant today.
To read our full statement on how our product will meet the GDPR requirements regarding the rights of individuals, click here.