Councils in the UK’s capital have already begun preparing for the EU’s General Data Protection Regulation (GDPR).
A think tank report issued by Parliament Street has revealed that London’s city councils have invested up to £300,000 each on ensuring their digital systems are GDPR compliant before the May 25th deadline.
This means over £1.2 million has been spent enhancing and developing the necessary software, training and consultancy programs in light of the new data protection laws aimed at protecting the private and sensitive data of all EU citizens which replaces the 1995 EU Data Protection Directive.
The highest spending local authority was Tower Hamlets, which had dedicated £300,000 for GDPR compliance. The report also revealed that Tower Hamlets has committed to recruiting a specialist worker for 12 months to manage the project, with a salary of £49,514 per annum.
Another council that allocated a large budget towards setting up for the legislation was Redbridge Council which set aside £110,689. It also included an extra £15,000 to go towards management software to help relieve staff burdens.
Hounslow council, on the other hand, has spent a considerably lower amount of £1,000 on training staff and developing GDPR based materials, with an additional £4,000 set aside for further improvements to the project.
London is setting the example that many governmental institutions need to follow in the UK and around Europe. The rules are clear in that if compliance is not met or that the required security precautions have been ignored, then organizations could be fined up to 2% of the annual global revenue or €10 million, depending on which is greater. Fines will also be issued if a data breach occurs and the organization fails to meet the 72-hour deadline to report the incident to the higher authorities.
Investments in security are vital in ensuring the private data of civilians are safe. However, making the right investments is just as important. This is why encryption solutions like the eperi Gateway are the preferred choice for any organization looking keep their costs low, but their security at a high level. Once data is encrypted or tokenized to the highest standards, it becomes unreadable to those without access to the encryption keys.