You might have seen in the news over the past couple of days that search engine provider Google has been issued a fine by the French data regulator, CNIL totalling a whopping £44 million for breaching the data protection rules of the EU.
CNIL stated that people were not being “sufficiently informed” regarding the methods in which Google collects data in order to personalise advertising.
Two privacy rights groups – noyb and La Quadrature du Net – filed complaints about Google back in May 2018, with the first being filed on 25th May 2018, the day upon which GDPR took effect. Both groups stated that Google did not possess a ‘valid legal basis’ to process user data for the personalisation of ads under the new data protection rules.
Quite a hefty fine Google found themselves issued with, and now GDPR has taken full effect, it really is important that all businesses adhere to the rules in order to avoid any data breaches and one of these fines being thrown their own way.
The responsibility of protecting clients’ data lies with the business owner or manager, whether you have one client or one thousand, complying with the rules is equally as important. Hackers are keen to gain access to peoples’ personal data such as their name, address, national insurance number, credit/debt card details etc. and it is your job to ensure they don’t manage to steal any of this from your clients.
There are a number of steps you can take within your business right now – if you haven’t already – to ensure your clients personal data is, and remains, safe from hackers and fraud…
- Limit employee access to your clients’ data – always ensure software or documents that contain your clients’ data are password protected, and then ensure that only the necessary employees have access to these. The fewer people who know the passwords to access this data, the safer the data will be. Also, it is so important to remember to change these passwords regularly, and especially when someone who knows them leaves your business. Unfortunately, it does happen where a business forgets to change these upon an employee leaving, and this employee turns out to unhappy with the business and so therefore causes mayhem through having access to client data.
- Make use of firewalls & anti-virus software – there are thousands of hackers each day scoping out websites that they can easily break in to, so you can never have too much protection. Make sure you are using quality anti-virus software along with firewalls to protect all the data you hold. The longer it takes one of these hackers to break in, the more likely they are to move on to a much easier target. Remember, regularly updating your software makes your protection levels even higher, so do this at every opportunity you get.
- Keep your equipment safe – always make sure PC’s, laptops, tablets, any devices your businesses uses are safe and locked down when you close your office each day. Though chaining everything down isn’t always possible, always ensure doors are locked – security fob systems are great for this – any devices that can be stored safely away on an evening are, and that third-party individuals aren’t left alone with your equipment.
- Always inform individuals if their data has been breached – you should always inform your clients as soon as possible if you think their data may have been breached. If someone hacks into your systems, inform your clients immediately, this way, they can be extra cautious and ensure they are keeping a check on their bank accounts and credit cards if their payment details have been compromised. Not only is this providing a good professional service to your clients, it is also now law that you must notify individuals whose data has been put at risk.
- Pick a quality web host – there are hundreds of these businesses to chose from, but you really should spend some time researching before picking the one that is right for your business. These hosts run your website, hosting it on their own servers and providing their own forms of protection. As they are hosting your website, you really want to make sure you pick one with a great reputation, as you don’t want to risk your clients’ data through a third-party business.
If you own a business and need some advice or good quality web hosting, then Garvey’s IT are here to help. We offer a range of packages to suit each businesses own individual needs, and we work hard day and night to ensure your site, and therefore your clients, are safe from Internet hackers and fraudsters. Get in touch with us today to find out how we can help you.
Fox, Chris. ‘Google Hit with £44m GDPR Fine Over Ads.’ BBC News Online. https://www.bbc.co.uk/news/technology-46944696(21 January 2018).