3500 Lacey Road, Suite 100
Downers Grove, IL 60515
At our second UK Channel Community meetup of the year, which took place in Birmingham on the 15th of June, a whole range of issues were discussed to provide our members with all the materials they need to be prepared for the challenges that lie ahead for the industry. One of the topics that was covered was the impending EU General Data Protection Regulations (GDPR), which Richard Nicholas, a Technology Lawyer at Browne Jacobson LLP & Greg Shanks, Commercial Director at insurance broker Techdis Financial, covered in detail in one of our breakout sessions.
GDPR is a topic that is leaving businesses, both end users and suppliers, scratching their heads as to how it will affect them and what they need to do to be prepared once the law is implemented on the 25th of May 2018. Richard confirmed that the regulations will be affecting ISPs, saying that whereas previously it was only data controllers who were responsible for information, data processors now bear the burden of responsibility as well. This means service providers will have to ensure they are meeting GDPR standards, as they are processors of their clients’ data.
The new regulations are going to be like nothing we have seen before and a significant change from the current Data Protection Act that businesses must abide by. Richard pointed out the 10 main points that GDPR will cover:
There may be some who think that with the upcoming referendum, if Britain chooses to leave the EU then they will not have to comply with the regulations. Richard was quick to dispel this myth, saying that because GDPR applies to individuals within the EU or the European Economic Area (EEA), companies outside these zones will still have to meet the standards if they want to continue using data from citizens in the area.
The next topic raised was insurance. Greg Shanks was on hand to describe how insurance policies could change once GDPR comes into effect. First, he stated how as the regulations require every business that has had a data breach to report what has happened, there is going to more of an emphasis on liability and who is to blame as more hacks come to light.
Greg went on to explain how there are currently two options with regards to insurance, Professional Indemnity Insurance, which does not cover many areas from a cyber perspective; and Cyber Liability Insurance, which is not currently of a high enough standard. Greg believes that there needs to be collaboration between the IT sector and the security industry to create a clear, concise policies that can keep end users and suppliers safe.
It’s not all doom and gloom however, said Richard and Greg, sharing their top tips for ISPs to make sure they are ready with the big day arrives.
Finally, Richard said that the channel should treat GDPR not as a threat, but as an opportunity. Clients will be relying on their providers to help them meet regulations, which is a great opportunity to build on your relationships, all while creating new business with current and potential end users.
You may also be interested in reading our report “International Trends in Cybersecurity”
For more information about the benefits of CompTIA membership – Click Here