As compliance continues to be a point of concern, we take a look at the implications of GDPR for UK health and care. More than four months have passed since the European Union began enforcing its General Data Protection Regulation (GDPR). But nearly one-fifth of organizations aren’t confident they could pass their first GDPR audit, according to a recent survey from cybersecurity company Imperva.Compliance continues to be a point of concern, especially with the recent fine from the UK Information Commissioner’s Office (ICO) on health insurance company Bupa for 175,000 over systemic data protection failures,” after a rogue employee extracted data of more than half a million customers and put it up for sale on the dark web.Although the incident happened before GDPR came into force and was under the UK Data Protection Act 1998, it once again raised the question: What would have happened if that wasn’t the case, as ICO now has the power to issue fines of up to 20m or four percent of a firms global turnover for the previous year (whichever is greater) under GDPR?

Source: Click here

Share this article

Facebook Comments